I updated to CentOS 4.5 yesterday and now I am finding the snmpd daemon is logging reams and reams of these messages: May 20 10:40:03 mx01 snmpd[2572]: Connection from - 127.0.0.1 May 20 10:40:03 mx01 snmpd[2572]: transport socket = 12 Is there a way to turn off this useless logging? I am getting these every 5 minutes (every time MRTG updates my MailScanner statistics). So far what I tried was to take off the -a switch when starting snmpd. That didn't help. This snmpd behavior is new from CentOS 4.4. -- Paul (ganci at nurdog.com)
Paul R. Ganci wrote:> May 20 10:40:03 mx01 snmpd[2572]: Connection from - 127.0.0.1 > May 20 10:40:03 mx01 snmpd[2572]: transport socket = 12 > > Is there a way to turn off this useless logging?Ok I found the answer to this problem. The /etc/rc.d/init.d/snmpd script contains the following code snippet: if [ -e /etc/sysconfig/snmpd.options ]; then . /etc/sysconfig/snmpd.options else OPTIONS="-Lsd -Lf /dev/null -p /var/run/snmpd.pid -a" fi Note that the OPTIONS= line indicates that smnpd starts with both -Lsd and -Lf /dev/null. As a result a ps auxww shows: root 19645 0.0 0.2 12340 4436 ? S 12:05 0:00 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd.pid -a and apparently the -Lsd overrides the -Lf /dev/null so everything gets logged. If I create a /etc/sysconfig/snmpd.options file containing: OPTIONS="-LS 4 d -p /var/run/snmpd.pid -a" then only warnings or worse are logged to /var/log/messages and the useless connection messages get suppressed. The key is to remove the -Lf /dev/null and replace -Lsd with -LS 4 d. The latter switch says to use syslog to log messages from the daemon, but only if the priority is warning or worse. No more unwanted log entries. -- Paul (ganci at nurdog.com)
rs at centos.spam.futz.org wrote:> The '-Lf /dev/null' was to disable > the default log file, because snmpd used to always open it, even if other log > types were specified. Newer releases don't open the default log file unless > no other logging method is specified, so the '-Lf /dev/null' can (and should) > be dropped... >My observation indicates that there is more to it than this. I also never saw any snmpd messages in the syslog under CentOS 4.4 even though snmpd was started with -Lsd switch? It appears that in CentOS 4.4 the -Lsd was ignored. I assumed, perhaps wrongly, that behavior was because of the simultaneous use of -Lf /dev/null switch. With CentOS 4.5 snmpd now does something with the -Lsd switch. In this sense it appears that maybe a bug was actually fixed going from CentOS 4.4 to CentOS 4.5. However, I am not convinced that -Lsd is a good default. -- Paul (ganci at nurdog.com)