Verify an SNMP trap sender and receiver path#
When to use this procedure#
Use for SNMP action, SNMP Trap Receiver, and SNMP Monitor.
Applies to#
This procedure applies to WinSyslog.
Prerequisites#
Use an account that can read the product configuration and Windows diagnostic state.
Replace angle-bracket placeholders with values from the affected system.
Safety#
Run diagnostic checks before changing configuration.
Remove passwords, private keys, license data, and other secrets from evidence.
Configuration path#
Configuration Client > the service, rule, or action named on the Event ID page.
Procedure#
Record transport, port, version, community/security profile, source, destination, and OIDs.
Expected result: The affected object and its effective settings are identified.
If it fails: Return to the complete Event Log detail and configuration export before changing settings.
Run the native Windows checks below from the affected product host.
Get-NetUDPEndpoint -LocalPort <PORT> | Format-Table LocalAddress,LocalPort,OwningProcess
Expected result: The intended process owns the endpoint and records a unique test with expected OID and value.
If it fails: Correct binding/firewall, then version, security, OID, variable type, or receiver filter.
Perform one uniquely identifiable product test through the same service, rule, or action.
Expected result: The intended destination records the test exactly once.
If it fails: Collect the first new product event and bounded debug output; do not change unrelated settings.
Verify the result#
Repeat the affected operation, confirm its positive output, and verify that queues, collection positions, or remote delivery continue normally.
Evidence to collect#
The complete Event Log entry and neighboring product events with timestamps.
The command output, relevant configuration export, and bounded debug log from the same interval.
Optional tools#
Use Wireshark only as an optional bounded packet capture.