Ever wondered what is difference between SNMP and Syslog?

By Tabish Khan on
SNMP is primarily a protocol for network management and monitoring. Using SNMP, admins can gather and manage information about network devices, track performance metrics, configure devices remotely, and receive notifications (traps) about specific events or conditions. There are two types of SNMP devices 1) SNMP Managed devices These are devices being managed using SNMP such as Routers, Switches, etc. 2) NMS (Network Management System/Status) These are devices/device managing the managed devices. This is an SNMP Server. For the purpose of demonstration, I will consider the following topology.
Let's say, I want to get the system name, From the SNMP server, I am sending an SNMP GET message to the managed device to get its name.
In the same you, you can send the SNMP SET message to change the system name.
Notice that the Router name has been changed from R1 to R5
Syslog is primarily used for log management, troubleshooting, and security analysis. It enables administrators to centralize logs from various devices and applications, making it easier to search, filter, and analyze log data.Let's consider this topology for the purpose of demonstration.
Let's say I add a Test user to the Fortigate Firewall.
If I go to the Syslog Server, notice that log (syslog message) for that change has been sent to the Syslog Server.
Please note that In Syslog, messages are only sent from devices to Syslog Server only. The Syslog server can not actively pull information from the devices or modify changes. Whereas in SNMP, SNMP Server can send SNMP GET message to a managed device to pull information, and an SNMP SET message to managed devices to modify variables on them as shown above. To Conclude, Syslog and SNMP are both used for monitoring and troubleshooting devices. They are complimentary but their functionalities are different.

Comments

Post a Comment

Popular posts from this blog

What are different SSH Authentication Methods?

By Tabish Khan on
Image
  Have you ever tried to set up an ssh connection to Linux machines? Have you ever wondered how many ssh authentication methods you can use to get remote access to a Linux machine?   At the end of the blog post, you will have a great understanding of what are some of the ssh authentication methods that you can use to get remote access to a Linux Machine. For the purpose of demonstration, I will use the following topology. I have three Linux machines. Ubuntu-Workstation having IP address = 10.0.0.249 Ubuntu-Server having IP address = 10.0.2.15 CentOS-Workstation having an IP address = 10.0.2.16 Our main objective will be to get ssh remote access to Ubuntu-Server and CentOS- workstation from Ubuntu -orkstation. I will discuss Three SSH Authentication Methods. Password-Based Authentication Key-Based Authentication  with Passphrase Key-Based Authentication  without Passphrase Before starting make sure that the OpenSSH server is installed on all of these machines. Ubun...
Read more

Ping Fails But Traceroute works?

By Tabish Khan on
Image
Have you ever encountered a situation?  when you ping a device, it fails but when you traceroute to the same devices, it works. At the end of the blog post, you will have a great understanding of why this happens. In my previous blog post "But How Does Traceroute Works", I have explained in detail how does traceroute works. You can continue reading this blog post without reading my previous blog post but it will really help you out to read that blog post as well. Click  But How Does Traceroute Works?  to read my previous blog. For the purpose of demonstration, I will use the following topology. Figure 1 Throughout this blog post i will use the terms Source and Destination. Whereas  Source = Kali-Linux ( having ip address 192.168.10.105) Destination = Linux Server ( having ip address 192.168.30.105). Case 1 Linux Server  can receive ICMP echo request packets and can respond with ICMP echo replies when it receives ICMP echo request packets. ping -c 4 192.168.30.10...
Read more