RE: [nv-l] Finding offending application

["Evans, Bill" <Bill.Evans@hq.doe.gov>]

Common problem with no good solution.  Cisco products generally send the originating node of the failing SNMP request in their trap.  No one else seems to.  You have to go to the ORIGINATING machine for the trap and look in its log to find the ultimate offender.  If the trap was sent by a router,  switch or server other than Cisco the identifier will usually be in that device's log. 

Bill Evans
Tivoli NetView Support for DOE
301-903-0057

-----Original Message-----
From: owner-nv-l@lists.us.ibm.com [mailto:owner-nv-l@lists.us.ibm.com] On Behalf Of Brian W Green
Sent: Wednesday, June 23, 2004 1:19 PM
To: Netview Mailing List
Subject: [nv-l] Finding offending application

We have an issue on one of our AIX Servers where an application is
sending SNMP polls with the incorrect community string.  Does anyone
know of a way to figure out what application is doing this, other than
going through every app individually?  We checked the /var/tmp/snmpd.log
file, but that only shows the source as 127.0.0.1

Thanks,

Brian

Brian W. Green
IBM Certified Deployment Professional
CGI Information Systems and Management Consulting
275 Slater Street, 14th Floor
Ottawa, Ontario
K1P 5H9
(613) 234-2155
brian.green@cgi.com