[f-nsp] [MLX] - Disable snmp-auth-failure logging

Mathieu Adamczewski madamczewski at eurafibre.fr
Wed May 17 02:53:37 EDT 2017


Hello everyone,

I would like to know if it is possible to make my MLX forget messages in 
logs when an unauthorized IP tries to connect to my equipment.

Because I have in my logs I constantly this kind of message:

May 15 10:05:51: I: Security: SNMP access from src IP 185.35.62.142 
rejected, 1 attempt (s)
May 15 10:05:36: I: Security: SNMP access from src IP 185.35.62.158 
rejected, 1 attempt (s)
May 15 10: 04: 58: I: Security: SNMP access from src IP 185.35.62.134 
rejected, 1 attempt (s)
May 15 10:04:46: I: Security: SNMP access from src IP 185.35.62.206 
rejected, 1 attempt (s)
May 15 10: 03: 33: I: Security: SNMP access from src IP 185.35.62.24 
rejected, 1 attempt (s)
May 15 10: 03: 21: I: Security: SNMP access from src IP 195.202.146.2 
rejected, 98 attempt (s)
May 15 10: 03: 08: I: Security: SNMP access from src IP 185.35.62.230 
rejected, 1 attempt (s)
May 15 10: 03: 01: I: Security: SNMP access from src IP 185.35.62.96 
rejected, 1 attempt (s)

Except I have set up rules in SNMP to allow only the IP of my monitoring 
servers and I have an ACL forbidding all the IP that I don't know.

I also applied the "no logging enable snmp-auth-failure" command to tell 
me that this should match my need but nothing to do that does not work.

Has anybody ever gone through that kind of question? If yes, is there a 
solution?

Best Regards.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20170517/3f42a757/attachment.html>


More information about the foundry-nsp mailing list