When dealing with SNMP communication issues, users will often need to capture SNMP packets for debugging purposes. What is the best practice for capturing these packets?
Release : 20.2.x
Component : Spectrum Core / SpectroSERVER
On Windows, Wireshark is the best practice for capturing these packets.
On Linux, tcpdump is a great tool to run this capture. Below is a sample command that can be run on SpectroSERVER systems to review the SNMP data:
tcpdump -w troubleshoot.pcap -vv -A -T snmp -s 0 "(dst port 162) or (src port 161) or (dst port 161) and (host <SpectroSERVER IP>)"
If SNMPv3 is being used, the SNMPv3 profile information will need to be entered into Wireshark in order to decrypt the packets so they are legible.
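As an added example (not part of the original article or of the product's own tooling), the Python script below reads a capture file such as the troubleshoot.pcap written by the tcpdump command above and counts SNMP messages by version and, for SNMPv3, by the security level in msgFlags, so you can tell whether the trace holds encrypted (authPriv) traffic that needs the SNMPv3 profile in Wireshark. It assumes a classic microsecond pcap with Ethernet framing and untagged IPv4/UDP; the function names and the SAMPLE_V3 bytes are constructed for illustration.

```python
import struct

SAMPLE_V3 = bytes.fromhex("3012020103300d020101020205c0040103020103")  # constructed SNMPv3 header, msgFlags 0x03

def _tlv(buf, pos):
    """Decode one BER TLV at pos; return (tag, value_start, value_end)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length

def classify_snmp(payload):
    """Return 'v1', 'v2c', 'v3-noAuthNoPriv', 'v3-authNoPriv', 'v3-authPriv' or None."""
    try:
        tag, pos, _ = _tlv(payload, 0)        # outer SEQUENCE
        vtag, s, e = _tlv(payload, pos)       # version INTEGER
        if tag != 0x30 or vtag != 0x02:
            return None
        version = int.from_bytes(payload[s:e], "big")
        if version != 3:
            return {0: "v1", 1: "v2c"}.get(version)
        _, pos, _ = _tlv(payload, e)          # msgGlobalData SEQUENCE
        _, _, pos = _tlv(payload, pos)        # skip msgID
        _, _, pos = _tlv(payload, pos)        # skip msgMaxSize
        _, s, _ = _tlv(payload, pos)          # msgFlags OCTET STRING
        flags = payload[s]                    # bit 0x01 = auth, 0x02 = priv
        return "v3-" + ("authPriv" if flags & 2 else "authNoPriv" if flags & 1 else "noAuthNoPriv")
    except IndexError:                        # truncated or non-SNMP payload
        return None

def summarize_pcap(data):
    """Count SNMP messages by type in a classic pcap (Ethernet/IPv4/UDP only)."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a classic microsecond pcap file")
    counts, pos = {}, 24                      # skip the 24-byte global header
    while pos + 16 <= len(data):              # 16-byte per-packet record header
        incl_len = struct.unpack_from(endian + "I", data, pos + 8)[0]
        frame = data[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        if len(frame) >= 42 and frame[12:14] == b"\x08\x00" and frame[23] == 17:
            udp = 14 + (frame[14] & 0x0F) * 4  # Ethernet header + IPv4 header length
            kind = classify_snmp(frame[udp + 8:])
            if kind:
                counts[kind] = counts.get(kind, 0) + 1
    return counts
```

Call summarize_pcap(open("troubleshoot.pcap", "rb").read()) to get the counts. Any v1 or v2c count means community strings are readable in the file, so store and share the capture accordingly.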