Hello, I’m using SNMP to get a list of established TCP connections. Right now I store the entire tcpConnTable and filter in Grafana for the connection state 11 (established). I figure I can cut down on storing all of the other states by filtering in telegraf, but it doesn’t seem to be working.
I also have reverse DNS processor configured. I’m getting a lot of error logs from unable to lookup 0.0.0.0 and 172.*** so I’d like to filter those too. Using namedrop = [“0.0.0.0”, “172.*”] in either the processor or in the SNMP input seem to work. Below is the TCP input config. Am I doing something wrong?
(Note, I’m defining everything manually as a field, otherwise they get stored as tags)
## TCP Details
[[inputs.snmp.table]]
oid = "TCP-MIB::tcpConnTable"
index_as_tag = false
[[inputs.snmp.table.field]]
name = "tcpConnState"
oid = "TCP-MIB::tcpConnState"
namepass = ["11i"]
[[inputs.snmp.table.field]]
name = "tcpConnLocalAddress"
oid = "TCP-MIB::tcpConnLocalAddress"
[[inputs.snmp.table.field]]
name = "tcpConnLocalPort"
oid = "TCP-MIB::tcpConnLocalPort"
[[inputs.snmp.table.field]]
name = "tcpConnRemAddress"
oid = "TCP-MIB::tcpConnRemAddress"
namedrop = ["0.0.0.0", "172.*"]
[[inputs.snmp.table.field]]
name = "tcpConnRemPort"
oid = "TCP-MIB::tcpConnRemPort"
