The Simple Network Management Protocol (SNMP) is not simple, but a very helpful framework. I might go into the details at another time, but here some notes on how to reduce the logging when it gets annoying.

I have several queries running at rather tight intervals. In the default settings snmpd will log every connection made. As those connections are not reused among the queries, the syslog can become bloated with according entries like this:

[...]
Jan 25 06:25:30 hostname snmpd[485]: Connection from UDP: [192.168.1.40]:45671->[192.168.1.51]:161
Jan 25 06:25:30 hostname snmpd[485]: Connection from UDP: [192.168.1.40]:45671->[192.168.1.51]:161
Jan 25 06:25:35 hostname snmpd[485]: Connection from UDP: [192.168.1.40]:48398->[192.168.1.51]:161
Jan 25 06:25:35 hostname snmpd[485]: Connection from UDP: [192.168.1.40]:48398->[192.168.1.51]:161
Jan 25 06:25:35 hostname snmpd[485]: Connection from UDP: [192.168.1.40]:48398->[192.168.1.51]:161
Jan 25 06:25:35 hostname snmpd[485]: Connection from UDP: [192.168.1.40]:48398->[192.168.1.51]:161
Jan 25 06:25:38 hostname snmpd[485]: Connection from UDP: [192.168.1.40]:38691->[192.168.1.51]:161
Jan 25 06:25:38 hostname snmpd[485]: Connection from UDP: [192.168.1.40]:38691->[192.168.1.51]:161
Jan 25 06:25:38 hostname snmpd[485]: Connection from UDP: [192.168.1.40]:38424->[192.168.1.51]:161
Jan 25 06:25:38 hostname snmpd[485]: Connection from UDP: [192.168.1.40]:38424->[192.168.1.51]:161
[...]

If so, it’s time to reduce the logging. The relevant setting is in the options string contained in /etc/default/snmpd. Replace the lower-case s right at the beginning with an upper-case S4 to activate filtering by priority and set it to WARNING. The default is to log everything (which corresponds to level 5 for NOTICE).

root@hostname:~# vim /etc/default/snmpd
[...]
# snmpd options (use syslog, close stdin/out/err).
#SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux,mteTrigger,mteTriggerConf -p /run/snmpd.pid'
SNMPDOPTS='-LS4d -Lf /dev/null -u snmp -g snmp -I -smux,mteTrigger,mteTriggerConf -p /run/snmpd.pid'
root@hostname:~# systemctl restart snmpd

After the restart connections will not be logged anymore, while you will still get messages of level WARNING or worse.

This has changed in Debian Strech due to the use of systemd. The parameters from this configuration file are simply not used with in systemd calling the script. The command systemctl cat snmpd will show you what parameters it uses, and you can override them using sytemctl edit snmpd. This will ask for an override line and is not like editing the existing parameters. Like this …

root@hostname:~# systemctl cat snmpd
# /lib/systemd/system/snmpd.service
[Unit]
Description=Simple Network Management Protocol (SNMP) Daemon.
After=network.target
ConditionPathExists=/etc/snmp/snmpd.conf

[Service]
Environment="MIBSDIR=/usr/share/snmp/mibs:/usr/share/snmp/mibs/iana:/usr/share/snmp/mibs/ietf:/usr/share/mibs/site:/usr/share/snmp/mibs:/usr/share/mibs/iana:/usr/share/mibs/ietf:/usr/
Environment="MIBS="
Type=simple
ExecStartPre=/bin/mkdir -p /var/run/agentx
ExecStart=/usr/sbin/snmpd -Lsd -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -smux,mteTrigger,mteTriggerConf -f
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

To override the options of ExecStart I entered an override like this then:

root@hostname:~# systemctl edit snmpd
[Service]
ExecStart=
ExecStart=/usr/sbin/snmpd -LS4d -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -smux,mteTrigger,mteTriggerConf -f

The command automatically creates a directory in which it places the file, which then appeared as /etc/systemd/system/snmpd.service.d/override.conf. The category needs to be given and the prior ExecStart erased by issuing it empty once. Kinda strange. After this repeating the cat command from above now shows the override as well:

root@hostname:~# systemctl cat snmpd
# /lib/systemd/system/snmpd.service
[Unit]
Description=Simple Network Management Protocol (SNMP) Daemon.
After=network.target
ConditionPathExists=/etc/snmp/snmpd.conf

[Service]
Environment="MIBSDIR=/usr/share/snmp/mibs:/usr/share/snmp/mibs/iana:/usr/share/snmp/mibs/ietf:/usr/share/mibs/site:/usr/share/snmp/mibs:/usr/share/mibs/iana:/usr/share/mibs/ietf:/usr/
Environment="MIBS="
Type=simple
ExecStartPre=/bin/mkdir -p /var/run/agentx
ExecStart=/usr/sbin/snmpd -Lsd -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -smux,mteTrigger,mteTriggerConf -f
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

# /etc/systemd/system/snmpd.service.d/override.conf
[Service]
ExecStart=
ExecStart=/usr/sbin/snmpd -LS4d -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -smux,mteTrigger,mteTriggerConf -f

But it doesn’t work that way? I tried again but using the --full option on the edit command. That gave a copy of the file to edit and this actually worked then. Also doing a root@hostname:~# systemctl daemon-reload after these changes seems necessary.