Receive and act on SNMP Trap alerts sent directly by your network devices. Cloudmon listens for traps on port 162, displays them under Logs, and lets you apply rules to tag, discard, create events from, or raise alarms on any trap type. AI-assisted analysis decodes each trap into plain-language guidance.
SNMP Traps are unsolicited alert messages sent by network devices to a designated trap receiver when a specific event occurs, without waiting for a polling cycle. Unlike standard SNMP polling where Cloudmon queries devices on a schedule, traps are device-initiated: the device detects an event and immediately notifies Cloudmon. This makes them particularly valuable for catching time-sensitive conditions such as interface state changes, authentication failures, hardware faults, and power events as they happen.
A practical example: if someone repeatedly attempts to log into a firewall with incorrect credentials, the firewall sends an Authentication Failure trap to Cloudmon each time. Your team receives an immediate notification and can investigate a potential brute-force attack before access is compromised, rather than discovering it hours later during a routine log review.
Cloudmon receives traps forwarded to the probe on port 162 and displays them under Logs → SNMP Traps. Trap rules can then be applied to automatically tag, filter, or raise alarms on any trap type.
SNMP Trap monitoring is enabled in two steps: first at the probe level, then at the individual device level.
Step 1: Enable on the probe: Navigate to Settings → Monitoring → Probes, select and edit the probe that will receive traps, and activate SNMP Trap monitoring. This tells the probe to begin listening for trap messages on port 162.
Step 2: Enable on the device: Navigate to Network → Network Devices or the SNMP Device tab within the Cloudmon interface, select and edit the device, and enable SNMP Traps at the device level.
After enabling traps on both the probe and device, configure the network device itself to forward SNMP traps to the IP address of the Cloudmon probe on port 162. This is done through the device's SNMP trap destination or trap receiver settings. Once configured, traps will appear under Logs → SNMP Traps.
Trap rules give you control over how Cloudmon processes incoming SNMP Traps. Navigate to Settings → Configurations → Log Rules and click Add. Fill in the fields as follows:
| Field | Description |
| Enabled | Determines whether the rule is active. Set to Off to disable without deleting. |
| Name | A descriptive name for the rule that identifies its purpose, such as "Alert on Authentication Failure" or "Discard Informational Link Traps". |
| Probe | The probe receiving the traps that this rule applies to. |
| Log Type | Set to SNMP Trap to apply this rule to incoming trap messages. |
| Conditions | Defines whether the rule applies to every trap entry or only to entries that match specific conditions such as OID, source device, or trap type. |
| Active Time Window | Restricts the rule to a defined time period. Useful for suppressing expected traps during planned maintenance windows. |
| Entry Count | Controls whether the rule fires for every matching trap entry or only once a defined count is reached within a time period. |
| Flood | When enabled, removes cooldown between triggers, allowing the rule to fire on every matching trap continuously. |
Each rule also includes an Actions section defining what Cloudmon does when conditions match. Available actions are Tag the Entry, Flag for Discard, Stop Processing Rules, Create Event for the Log, and Raise Alarms. These work identically to Syslog rule actions. See Syslog for full descriptions of each action.
Cloudmon integrates with Azure OpenAI to provide AI-assisted analysis of SNMP Trap messages. SNMP traps often contain technical OID references and encoded values that are difficult to interpret without vendor documentation. When viewing a trap under Logs → SNMP Traps, click the AI button next to the entry to receive an instant breakdown covering an Overview of the event, its potential Impact on your infrastructure, a plain-language Summary, and Troubleshoot and Analyse guidance.
For example, a cold-start trap from a core switch that would normally require cross-referencing MIB files and vendor documentation can be decoded in seconds into a clear explanation of what the trap means, whether it indicates an unplanned reboot, and what to check on the device.
To enable this feature, configure an Azure OpenAI integration under Settings → Configurations → Integrations. Enter your Target URI and API Key from your Azure OpenAI resource and click Save.
| Issue | What to check |
| No traps appearing under Logs even after enabling | Confirm SNMP Trap monitoring is enabled at both the probe level and the device level. Then verify the network device is configured to send traps to the probe IP address on UDP port 162. Check that no firewall is blocking UDP 162 between the device and the probe. |
| Traps arriving but not matched to the correct device in Cloudmon | The trap source IP must match the device IP configured in Cloudmon. If the device sends traps from a loopback interface or a secondary IP, update the trap source setting on the device to use the same management IP address that is registered in Cloudmon. |
| Trap rule conditions are not matching as expected | Verify the Log Type in the rule is set to SNMP Trap and not Syslog. Check that the conditions reference the correct OID or trap type. If another rule with a Stop Processing Rules action appears earlier in the rule order and matches the same traps, it will prevent this rule from being evaluated. |
| Trap volume is overwhelming the database | Create a trap rule with Flag for Discard and Stop Processing Rules for trap types that are high volume and low value, such as link up or link down traps on access layer switches that change state frequently. This filters them out before they reach the database while still allowing critical trap types to be stored and actioned. |
| AI analysis button not visible on trap entries | The Assistive AI feature requires an Azure OpenAI integration. Navigate to Settings → Configurations → Integrations, locate the Azure OpenAI Service widget, and confirm a Target URI and API Key are saved. Without this integration, the AI button will not appear on any log or trap entry. |