Added a custom config file, snmpv3_usm_users.conf , which will allow you to setup multiple SNMPv3 USM Users for receiving Traps on the same port.
In some rare circumstances , and only on Windows , there may be permission errors rolling log files when you have configured multiple stanzas.Added a patch to uniquely name log files on a per stanza basis.
tasklist
on Windows to detect and kill rogue snmp.py processessome minor regex field extraction tweaks to the snmp_attributes and snmp_traps sourcetypes
general robustification around MIB loading/compiling and better error messages to help diagnose issues with your custom vendor MIBs
upgraded the Splunk Python SDK to v 1.6.18 to meet the latest App Inspect/Cloud Vetting rules.
added low level pysnmp library debug logging to the logging output if level "DEBUG" is chosen
can now configure an engine id for a USM User for receiving v3 traps
patched pysnmp for COUNTER/TIMETICKS encodings that might decode into a negative value
ensure DefaultResponseHandler doesn't emit empty content
ensure that retrieved credentials always contain some placeholder String value in case no password values are returned from Splunk's REST API
added flag to optionally disable process state checking
fix to Process state checking for Windows environment
Browse here for Release Notes : https://www.baboonbones.com/php/markdown.php?document=snmp/RELEASE_NOTES.md
Browse here for Release Notes : https://www.baboonbones.com/php/markdown.php?document=snmp/RELEASE_NOTES.md
Browse here for Release Notes : https://www.baboonbones.com/php/markdown.php?document=snmp/RELEASE_NOTES.md
upgraded logging functionality
docs update
added a setup page to encrypt any credentials you require in your configuration
Enforced python3 for execution of the modular input script.If you require Python2.7 , then download a prior version (such as 1.6.5).
general appinspect tidy ups
general appinspect tidy ups
minor bug fix
minor tweaks to threading code logic for polling SNMP OID attributes
Dual Python 2.7 and 3+ compatibility.
App will run on :
Splunk Enterprise versions back to Splunk 5 where there is only a Python 2.7 runtime shipped
Splunk Enterprise version 8 where there is both a Python 2.7 and Python 3+ runtime shipped
Future versions of Splunk Enterprise where there is only a Python 3+ runtime
fixed Splunk 8 compatibility for manager.xml file
updated docs
added trial key functionality
docs updated
Added an activation key requirement , visit http://www.baboonbones.com/#activation to obtain a free,non-expiring key
Docs updated
Splunk 7.1 compatible
Merged in community Pull requests.
Add a new option to get subtree
Add a new option to perform rDNS for trap source
Fix to resolve missing server extractions on the SNMPv3 trap receiver
In the destination field for polling attributes , you can now optionally specify a comma delimited list of hosts
Fixed Bug in UI that prevented declaring custom MIB Names when in listen traps mode
Fixed host field extraction for receiving v2 traps
Minor code tweaks
Updated the Manager UI to be simpler and more intuitive
Minor Cosmetic fixes
SNMP v3 support , please follow the docs regarding pycrypto dependencies
pysnmp library update to 4.2.5
Support for plugging in custom response handlers that can format the raw SNMP data in a particular format or perform preprocessing on the raw SNMP data before indexing in Splunk. Has a default response handler which produces the same output as previous versions.Also ships with an example JSONFormatterResponseHandler.
Robustified exception handling
More detailed logging
Added more lenient exception handling code so that the trap listener won't terminate when it can't resolve an OID , and will instead just index the raw OID and print the error message to splunkd.log
For custom MIBS , added the ability to drop plain python(.py) files into the bin/mibs directory , no need to egg them up
Tweaked the Manager UI list view
Got MIB resolution working properly for traps and attribute polling , added a config field so you can declare any MIB names you want applied, any custom MIBs still need to be converted into Python modules first(see the docs) ++ Added a config option to split out "get bulk" results into individually indexed events ++ changed the setup screen layout to be better organised
Renamed the manager xml file to avoid naming clashes
Some minor script tweaks around custom MIB loading
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.