1 Reply Latest reply on Feb 12, 2013 9:09 PM by ccannefax

    "Can Nitro be set up as an SNMP receiver and receive SNMP trap messages?"

    rabremmer

      "Can Nitro be set up as an SNMP receiver and receive SNMP trap messages?"

        • 1. Re: "Can Nitro be set up as an SNMP receiver and receive SNMP trap messages?"
          ccannefax

          We have asked this question as well and it's not designed for capturing the SNMP traffic. You can redirect logs to an SNMP destination as you'll note when adding a data source and choosing either Parsing (ESM), Logging (ELM) or SNMP (SNMP Trap Collector).

           

          However, you can't setup a data source to collect SNMP since it's not a specified model nor containing an authored parser specific to SNMP.

           

          What we do is point our systems with only SNMP ability to our SNMP trap server and then get that data back to SIEM from the database where it gets stored. While it seems like a hassle, Nitro isn't designed for doing that.

           

          The only other thing Nitro allows that has to do with SNMP is the ability to collect stats on the SIEM infrastructure which I find very helpful.