Hi All,
For the purposes of PCI compliance, I am attempting to log rogue access points that are detected via RAPIDS into a central log aggregation/reporting (Splunk) instance. I'm trying to determine where the received SNMP traps are logged to, but:
/opt/airwave/sbin/snmptrapd -n -On -A -t ...
The "-t" switch in the snmptrapd instance specifies not to write traps to Syslog
... -LF e /var/log/snmptrapd ...
While this switch specifies to write SNMP messages to /var/log/snmptrapd, all I seem to be getting in here is:
couldn't open udp:162 -- errno 98 ("Address already in use")
Despite the AirWave GUI saying it has detected rogues???
So the question...
How can I get AirWave to log rogue/suspected rogues to a file &/or forward these events to a Syslog server?
Thanks in advance :-)