Hi Guys,
On a limited number of CentOS & Ubuntu machines we are monitoring with Observium we are seeing dozens of SNMP queries from Observium in a very short window (10-20 seconds).
Snip of the logs from /var/logs/messages
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:55776->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]
We are trying to understand why Observium would be sending so many queries back to back as well as why we are seeing this on some machines, but not others.
Thanks!
-Lane