SNMP Trap Source Connector for Confluent Platform

The SNMP Trap Source connector is used to receive data (SNMP traps) from devices through SNMP and convert the trap messages into Kafka records.

Simple Network Management Protocol (SNMP) is an application-layer protocol used to manage and monitor network devices and their functions. SNMP provides a common language for network devices to relay management information within single and multi-vendor environments in a local area network (LAN) or wide area network (WAN). The most recent iteration of SNMP, version 3, includes security enhancements that authenticate and encrypt SNMP messages as well as protect packets during transit.

The connector should be configured to listen to PDUs (an SNMP protocol data unit) from an SNMP device. The connector interprets only those PDUs that are of type trap.


At least once delivery

This connector guarantees that records are delivered at least once to the Kafka topic. If the connector restarts, there may be some duplicate records in the Kafka topic.

Supports one task

The SNMP Trap Source connector supports running only one task.

SNMP protocols

The SNMP connector supports both SNMP V2 and V3 protocols. You can configure either of the protocols using the snmp.v3.enabled parameter. If you configure the connector to listen for SNMP V3, you must provide the following:

  • Security Name: Specifies the SNMPv3 security name(s) or user name(s).
  • Authentication Protocol: Specifies the SNMPv3 authentication protocol or type and its value. You can use any of the following algorithms:
    • MD5
    • SHA
    • HMAC128SHA224
    • HMAC192SHA256
    • HMAC256SHA384
    • HMAC384SHA512
  • Authentication Password: Specifies the SNMPv3 authentication passphrase or password.
  • Privacy/Encryption Protocol: Specifies the SNMPv3 privacy/encryption protocol and its value. You can use any of the following algorithms:
    • DES
    • 3DES
    • AES
    • AES128
    • AES192
    • AES256
  • Privacy Password: Specifies the SNMPv3 encryption password.


  • The connector supports only one task because the connector will open a listener port based on the configurations of snmp.listen.protocol, snmp.listen.address, and snmp.listen.port. For multiple tasks, multiple ports need to be opened. Currently this is not supported.
  • The authentication protocol with sha2 is not currently supported.

Install the SNMP Trap Source connector

You can install this connector by using the Confluent Hub client installation instructions or by manually downloading the ZIP file.


  • You must install the connector on every machine where Connect will run.
  • Kafka Broker: Confluent Platform 3.3.0 or later, or Kafka 0.11.0 or later.
  • Connect: Confluent Platform 4.0.0 or later, or Kafka 1.0.0 or later.
  • Java 1.8.
  • An installation of the Confluent Hub Client. This is installed by default with Confluent Enterprise.
  • An installation of the latest (latest) connector version.

Install the connector using Confluent Hub

To install the latest connector version, navigate to your Confluent Platform installation directory and run the following command:

confluent-hub install confluentinc/kafka-connect-snmp-trap:latest

You can install a specific version by replacing latest with a version number as shown in the following example:

confluent-hub install confluentinc/kafka-connect-snmp-trap:1.2.1

Install the connector manually

Download and extract the ZIP file for your connector and then follow the manual connector installation instructions.


You can use this connector for a 30-day trial period without a license key.

After 30 days, you must purchase a connector subscription which includes Confluent enterprise license keys to subscribers, along with enterprise-level support for Confluent Platform and your connectors. If you are a subscriber, you can contact Confluent Support at for more information.

For license properties, see Confluent Platform license, and for information about the license topic, refer to License topic configuration.

Configuration properties

For a complete list of configuration properties for this connector, see SNMP Trap Source connector Configuration Properties.


For an example of how to get Kafka Connect connected to Confluent Cloud, see Distributed Cluster.

Quick start

The following uses the SnmpTrapSourceConnector to receive data (SNMP traps) from devices through SNMP and send them to the Kafka topic.

  1. Install the connector through the Confluent Hub Client.

    # run from your Confluent Platform installation directory
    confluent-hub install confluentinc/kafka-connect-snmp-trap:latest

    Note that by default, the connector will install the plugin into the share/confluent-hub-components directory and add the directory to the plugin path. For the plugin path change to take effect, you must restart the Connect worker.

Property-based example

  1. Create a file with the following contents or use the This configuration is used typically along with standalone workers.:

    snmp.listen.address=<ip-address to listen trap from>
    snmp.listen.port=<port to listen trap from>

    The following defines the Confluent license stored in Kafka, so you need the Kafka bootstrap addresses. The replication.factor may not be larger than the number of Kafka brokers in the destination cluster, so here set this to a value of 1 for demonstration purposes. Always set this to a value of at least 3 in production configurations.

  2. Load the SNMP Trap Source connector.


    You must include a double dash (--) between the connector name and your flag. For more information, see this post.

    confluent local services connect connector load snmp-trap-source --config

    It’s important that you don’t use the Confluent CLI in production environments.

  3. Confirm that the connector is in a RUNNING state.

    confluent local services connect connector status snmp-trap-source
  4. The SNMP device should be running and generating PDUs. The connector will listen and push PDUs of type trap to a Kafka topic.

  5. Confirm that the messages are being sent to Kafka.

    kafka-avro-console-consumer --bootstrap-server localhost:9092 --property schema.registry.url=http://localhost:8081 --topic snmp-kafka-topic --from-beginning

A sample SNMP PDU of type trap might look like this for sysDescr Oid. Refer -

  = 24-Port Gigabit Smart Switch with PoE and 4 SFP uplinks

Data in Kafka topic:

        "string":"24-Port Gigabit Smart Switch with PoE and 4 SFP uplinks"

REST-based example

Use this setting with distributed workers. Write the following JSON to snmp-trap-source-config.json, configure all of the required values, and use the following command to post the configuration to one of the distributed connect workers. For more information, see the Kafka Connect Kafka Connect REST Interface.

 "name": "SnmpTrapSourceConnector",
 "config": {
     "snmp.listen.address":"<ip-address to listen trap from>",
     "snmp.listen.port":"<port to listen trap from>",

Use curl to post the configuration to one of the Kafka Connect Workers. Change http://localhost:8083/ the endpoint of one of your Kafka Connect worker(s).

curl -sS -X POST -H 'Content-Type: application/json' --data @snmp-trap-source-config.json http://localhost:8083/connectors

Use the following command to update the configuration of existing connector.

curl -s -X PUT -H 'Content-Type: application/json' --data @snmp-trap-source-config.json http://localhost:8083/connectors/snmpTrapSourceConnector/config

Check that the connector started successfully. Review the Connect worker’s log by entering the following:

confluent local services connect log

The SNMP device should be running and generating PDUs. The connector will listen and push PDUs of type trap to Kafka topic.

Record Schema

The source connector creates records in the following format:

Key schema

The Key is a struct with the following fields:

Field Name Schema Type Optional? Description
peerAddress String Mandatory Remote address of the host sending the trap.

Value schema

The Value is a struct with the following fields:

Field Name Schema Type Optional? Description
peerAddress String Mandatory Remote address of the host sending the trap.
peerPort String Mandatory Remote port of the host sending the trap.
securityName String Mandatory Community name the event was sent to.
sysUpTime Int64 Optional The time (in hundredths of a second) since the network management portion of the system was last re-initialized.
enterprise String Optional The authoritative identification of the enterprise associated with the trap currently being sent.
genericTrap Int32 Optional Generic trap type of the PDU.
specificTrap Int32 Optional Specific trap type of the PDU.
pduBerEncoded Bytes Optional BER encoded trap PDU.
pduRawBytes Bytes Optional Trap PDU raw bytes.
variables Array of struct Mandatory Variables for this trap.

Variable schema

The Variable is a struct with the following fields:

Field Name Schema Type Optional? Description
oid String Mandatory OID
type String Mandatory Syntax type for variable binding.
counter32 Int32 Optional Counter32 value. Ranges from 0 to 4294967295.
counter64 Int64 Optional Counter64 value. Ranges from 0 to 18446744073709551615.
gauge32 Int32 Optional Gauge32 value. Ranges from 0 to 4294967295.
integer Int32 Optional Integer value.
ipaddress String Optional IpAddress value.
null String Optional Null value.
objectIdentifier String Optional OID value.
octetString String Optional Octet string value.
opaque String Optional Opaque value.
timeticks Int32 Optional Timeticks value. Ranges from 0 to 4294967295.
metadata String Optional Metadata field that contains value object of variables.