Aug 1 16:08:38 flask-yellow snmpd[1976]: Connection from UDP: [192.168.1.38]:52021Argh. Detail logging is good, but pointless noise is not. The solution isn't very well documented but you can bring this to a stop.
Aug 1 16:08:38 flask-yellow last message repeated 24 times
Step 1.) Make sure you have net-snmp 5.3.2.2 or later. This should not be a problem as even RHEL5/CentOS5 provide this version via update.
$ rpm -q net-snmpStep 2.) Edit /etc/sysconfig/snmpd.options or your system's equivalent making sure you do not pass the "-a" option to the SNMP daemon. The "-a" option enables the logging of the source IP addresses of all incoming requests. If you want to know about these kind of events iptables and ulog are more reliable and efficient methods for capturing that information.
net-snmp-5.3.2.2-9.el5_5.1
# OPTIONS="-Lsd -Lf /dev/null -p /var/run/snmpd.pid -a"Step 3.) Edit the /etc/snmpd/snmpd.conf verifying you have the dontLogTCPWrappersConnects directive set to 1 (true). Add this directive to the configuration file if it is not specified.
OPTIONS="-Lsd -Lf /dev/null -p /var/run/snmpd.pid"
Step 4.) Restart the SNMP service.
Now when you go to look into the log files it is again possible to hear the breeze, the singing of the birds, and the distant growling of that guy from Kazakstan who is trying to crack your SSH daemon.
