Hi Guys,

 

On a limited number of CentOS & Ubuntu machines we are monitoring with Observium we are seeing dozens of SNMP queries from Observium in a very short window (10-20 seconds).

 

Snip of the logs from /var/logs/messages

 

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:55776->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

Nov 21 14:43:52 hostname snmpd[22648]: Connection from UDP: [xxx.xxx.xxx.xxx]:37575->[xxx.xxx.xxx.xxx]

 

We are trying to understand why Observium would be sending so many queries back to back as well as why we are seeing this on some machines, but not others.

 

Thanks!

 

-Lane