Thursday, June 15, 2006

Just what is a log (and what is not?)

Logblog: A Log By Any Other Name: "A log file is a file that lists all actions that have occurred on a device, within an application, or on a server."

Seeing this blog post on our blog reminded me of a debate I had with one of my friends: is an SNMP trap a log?

Why 'yes'
* it comes over UDP, just like syslog
* it helps to know what happened on a system

Why 'no'
* people don't think so :-)
* traps are supposed to be acted on, not analyzed

Overall, more often than not I think that SNMP traps should be considered logs for most practical purposes (and, most certainly, for security purposes).

2 comments:

kjschmidt said...

I totally agree. Too many people view SNMP as something which should be "acted on, not analyzed." Why can't it be both? It *should* be both.

vijayakumar said...

Hi Anton,

I just saw your blog. Can you please help me: what is an SNMP trap, and how can we implement a NetApp SNMP trap in a monitoring application like BigBrother?

TIA
regards, vijay

email: vijay_sys@rediffmail.com

Dr Anton Chuvakin