SNMPLOGD Version 1.2.5 Beta
===========================

Updated: September 6, 2002

'snmplogd' will log SNMP trap messages from a Linksys EtherFast Cable/DSL
router models BEFSR11, BEFSRU31 and BEFSR41.

You must have firmware revision 1.35 or later installed in your
Linksys EtherFast Cable/DSL router.  Prior firmware revisions, with
the exception of 1.30 Beta, did not provide the router with the capability
of broadcasting SNMP trap messages.

Before using 'snmplogd', make sure that you have enabled the option to
broadcast SNMP trap messages on you Linksys EtherFast Cable/DSL router.
See your router documentation for instructions on how to do this.

This is BETA software.  Please use it at your own risk.  'snmplogd' is
a begnign listener, so it has little if any potential to harm a Unix
system.

Changes:
--------

May 1, 2002

My friend and colleague, Marc Reibstein, noticed that the Linksys EtherFast
Cable/DSL router sometimes neglects to place a newline character at the end
of certain messages.  This caused those messages to appear attached to the
previous message.  Modified the 'snmplogd' daemon to examine the last byte
of the message and place a newline character after it if it wasn't a newline
character.

May 11, 2002

Yet another problem with message formatting introduced by the 1.42.7 firmware
of the Linksys EtherFast Cabel/DSL router models BEFSR11, BEFSRU31 and BEFSR41.

May 17, 2002

No changes to 'snmplogd', only 'xsnmplog' has been modified.

September 6, 2002

Added the '-s' command line option that when specified with the '-d' flag,
supresses the "Flushed message buffer to log file <logfile>" message from
being sent to the syslog. 

To build snmplogd:
------------------

1. cd <unzip directory>

2. su to root

3. Edit the 'Makefile' default paths as desired:

   PIDDIR=\"/var/run/\" 
   This is the currently running daemon process ID path.

   MSGDIR=\"/var/log/snmplog/\"
   This is the location of the log files.

   CMDDIR=\"/var/run/\"
   This is the location of the command pipe for the currently running daemon.

   MANPATH=\"/usr/man/\"
   This is the path to your manpages where man1/snmplogd.1 will be placed.

   Alternately, instead of modifying the 'Makefile', you can supply the
   desired paths to make as parameters as follows:

   make PIDDIR=\"/var/run/\" MSGDIR=\"/var/log/snmplog/\" CMDDIR=$(PIDDIR)

   Note to AIX users:
   ==================

   If you intend to build 'snmplogd' to run in an AIX environment, you
   must run make with the following parameter:

   make [options_as_described_above] ENVIRONMENT=-DAIX


   Note to SOLARIS users:
   ======================

   Modify the LIBS statement in the Makefile as follows:

   LIBS         = -lnsl -lresolv -lsocket

   Note:
   =====

   If you experience problems with the gcc optimizing compiler, try lowering
   the optimization level in the Makefile (CPP_FLAGS) from '-O3' to '-O2' and
   finally to just '-O' if necessary.

4. make clean

5. make

6. make install

Setup logrotate to rotate the snmplogd logs
-------------------------------------------

If you run something like 'logrotate' to automatically
rotate and delete old log files, you can add something
similar to the following entries to your 'logrotate.conf'
or equivalent file.

1. Add the following to your '/etc/logrotate.conf' file:

/var/log/snmplog/snmplog.messages{
        daily
        rotate 7
        missingok
        prerotate
                /usr/local/snmplog/snmplogd -q > /dev/null
        endscript
        postrotate
                /usr/local/snmplog/snmplogd -d > /dev/null
        endscript
}

		- or -

If you do use 'logrotate', run the 'edit.logrotate.conf' script
included with this tarball.

./edit.logrotate.conf

Start snmplogd:
---------------

1.	./snmplogd -h	 <--- display help
	./snmplogd -d	 <--- start snmplogd daemon
        ./snmplogd -d -s <--- start snmplogd daemon supressing flushed messages
	./snmplogd -f    <--- flush the log buffer
	./snmplogd -v	 <--- display snmplogd version
	./snmplogd -q	 <--- quit snmplogd daemon
	./snmplogd -p	 <--- display PID for running snmplogd daemon

        'snmplogd' options are not case sensitive, this means that
        "-d" and "-D", or "-q" and "-Q" will yield the same results.

        The "-s" option is ignored if specified with any option other than
        the "-d" option.

2.	You'll normally want to start 'snmplogd' as a daemon as follows:

	./snmplogd -d

3.	'snmplogd' will write the SNMP trap messages from your Linksys
	router to /var/log/snmplog/snmplog.messages

4.	Since these messages are buffered, you may not see any
	entries in the log until you issue a "flush buffers"
	command as follows:

	./snmplogd -f

5.	To terminate the snmplogd daemon, issue the following:

	./snmplogd -q

6.      'snmplogd' can also run in a "console" mode.  This is
        primarily usefull for debugging.  To start 'snmplogd'
        in console mode, simply run it with no parameters as
        follows:

        ./snmplogd

        When running in console mode, 'snmplogd' honors some
        keystroke entries as follows:

        V - Display SNMPLog version.
        H - Display this brief help text.
        ? - Same as "H".
        P - Display the Process ID (PID) of this SNMPLog process.
        Q - Terminate SNMPLog.
        
        The commands are not case sensitive, so "P" will behave
        the same as "p", "q" the same as "Q", etc.

	There may be a slight delay (usually not more than 1 second)
        before snmplog responds to a keystroke.

        You can also terminate a console 'snmplogd' session with
        Ctrl-C ,'./snmplogd -q' or 'kill -SIGKILL snmplogd_PID'.

        'snmplogd' will display its current PID (Process ID) in
        console mode when you press the "P" key. 
        
View the snmplogd log in realtime:
----------------------------------

1.	./followlog

        Use Ctrl-C to end the followlog script.

        Note: The 'followlog' script is presented as a sample
              script to demonstrate some of the things you
              may wish to do with the Linksys router logs.

              You may need to modify the script to suit
              your installation.

Additional notes:
-----------------

1.	A sample script to format the snmplog.messages file
	entries:

	./formatlog

2.	You can use 'formatlog' as a model to extract any
	information you wish from the snmplog.messages file.

3.      Another sample script 'formatlog.ansi' is provided
        to illustrate using colors to highlight certain log
        entries.  If your terminal supports ANSI colors, you
        can use this script:

        ./formatlog.ansi

4.	If you are using /etc/rc.d/init.d to start your
	subsystems and daemons, you can add an entry to start
	snmplogd.

	Use the provided rc.d/init.d/snmplogd script as an example.

	Next, you'll need to place the start links and kill
	links in rc0.d through rc6.d such that snmplogd starts
	after inet and shuts down before inet.

	example:

	rc0.d, rc1.d, rc2.d and rc6.d
	-----------------------------

	ln -s ../init.d/snmplogd K45snmplogd


	rc3.d, rc4.d and rc5.d
	----------------------
	
	ln -s ../init.d/snmplogd S55snmplogd 

5.      Make sure that you have no other software bound to port
        162 on the machine that is running 'snmplogd'.  Port 162
        cannot be simultaneously shared with other applications.

License:
--------

'snmplogd' is free software and may be freely distributed provided
that it is distributed in its original form and entirety.  Credit
to the authors (Marc Niegowski and Gregory Whitehouse) must be
present with any distribution of this software.

'snmplogd' is provided with NO WARRANTY whatsoever, either expressed
or implied.

Copyright:
----------

Copyright  2002, Marc Niegowski
Connectivity, Inc.
All rights reserved.

23 W. Fourth Street
Media, PA 19063-2805
USA

Phone: 610-566-0227
Fax:   610-566-0641

Email: Marc@Tech-Center.com
Web:   http://www.marcsweb.com
Ftp:   ftp://ftp.marcsweb.com


Beta Testers:
-------------

Gregory Whitehouse (IBM AIX 4.3.3 IBM/RS6000)
Patrick Hundal     (Sun Solaris SPARC T1) 
Brad Wilmot        (Redhat 6.1 Intel Pentium 100)

(END)
