How to set debug for TrapExploder

Document ID : KB000023053
Last Modified Date : 14/02/2018
Show Technical Document Details

Introduction  

How do I turn on debug for TrapExploder?

 

Instructions

If TrapExploder is installed on a Windows server

  1. Uncomment the '# debug' line in  the trapexploder.cf file. (remove the # symbol)

    On a 32-bit server, file is c:\windows\system32\trapexploder.cf
    On a 64-bit server, file is c:\windows\sysWOW64\trapexploder.cf

  2. Log all incoming traps into TrapExploder by entering this line as the first active filter statement in trapexploder.cf:

    filter * * * * * * file c:\temp\alltraps.txt 2000

  3. If possible, also perform a packet capture on the  TrapExploder server using Wireshark. Filter on UDP/162 to limit capture to trap traffic.

  4. Stop and restart TrapExploder service from the Services control panel.

  5. Reproduce the problem.
  6. To turn off debug mode, add the # symbol back to the 'debug' line in trapexploder.cf, then stop and restart the TrapExploder service.

Files to send in for analysis

  • alltraps.txt
  • c:\trapx\log\trapexploder.cf (if trapexploder is part of eHealth, the file is %NH_HOME%\bin\trapx\log\trapexploder.log
  • The capture file from wireshark

 

If TrapExploder is installed on a Solaris or Linux server

  1. Uncomment the '# debug' line in /etc/trapexploder.cf (remove the # symbol)

  2. Log all incoming traps into TrapExploder by entering this line as the first active filter statement in /etc/trapexploder.cf:

    filter * * * * * * file /tmp/alltraps.txt 2000

  3. If possible, also perform a packet capture on the TrapExploder server using Wireshark or tcpdump. Filter on UDP/162 to limit capture to trap traffic.

  4. Stop and restart TrapExploder

    /etc/init.d/trapexploder stop
    /etc/init.d/trapexploder start

  5. Reproduce the problem.

  6. To turn off debug mode, add the # symbol back to the 'debug' line in /etc/trapexploder.cf, then stop and restart TrapExploder.

Files to send in for analysis

  • alltraps.txt
  • /etc/trapexploder.cf (if trapexploder is part of eHealth, the file is $NH_HOME/bin/trapx/log/trapexploder.log
  • The capture file from wireshark or tcpdump

 

Additional Information

For complete details on configuring and using TrapExploder, please review the TrapExploder Users Guide (attached)

trapexploder.pdf

 

File Attachments:
TEC519514.zip