System log generates huge amount of entries "Clearing snmpd.log due to log overflow"
2509
Created On 01/17/23 09:16 AM - Last Modified 01/17/24 04:05 AM
Symptom
- System log contains a lot of logs with the content "Clearing snmpd.log due to log overflow"
- It is seen for one of the nodes in HA setup (Firewall or Panorama) only
- For the node which generates multiple system logs, SNMP polling fails
- SNMP polling is executed at aggressive rate like multiple OIDs are requested every 1 minute by a monitoring solution using SNMP (Zabbix, Cacti, Solarwinds or any using SNMP bulk requests)
Environment
- Palo Alto Firewalls or Panorama
- PAN-OS 9.1 and above
- High Availability (HA)
Cause
- SNMP settings are configured only in one of the nodes/peers in a HA setup
- This is assuming that this configuration will be synchronized.
- SNMP settings are not synced between HA nodes.
Resolution
- Configure SNMP settings on both the peers under GUI: Device > Setup > Operations > SNMP Setup
- Commit the configuration.