keephq · melmathari · Sep 22, 2025 · Sep 22, 2025 · coderabbitai · Sep 22, 2025
diff --git a/docs/mint.json b/docs/mint.json
@@ -244,6 +244,7 @@
             "providers/documentation/site24x7-provider",
             "providers/documentation/slack-provider",
             "providers/documentation/smtp-provider",
+            "providers/documentation/snmp-provider",
             "providers/documentation/snowflake-provider",
             "providers/documentation/splunk-provider",
             "providers/documentation/squadcast-provider",

diff --git a/docs/providers/documentation/snmp-provider.mdx b/docs/providers/documentation/snmp-provider.mdx
@@ -0,0 +1,118 @@
+---
+title: "SNMP"
+sidebarTitle: "SNMP Provider"
+description: "SNMP provider allows you to receive SNMP traps from network devices and generate alerts in Keep."
+---
+import AutoGeneratedSnippet from '/snippets/providers/snmp-snippet-autogenerated.mdx';
+
+## Overview
+
+The Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. The SNMP provider for Keep allows you to receive SNMP traps from network devices and generate alerts based on these traps.
+
+## Inputs
+
+The SNMP provider receives SNMP trap notifications from network devices.
+
+## Outputs
+
+The SNMP provider generates alerts in Keep with the following information:
+- Alert title (based on trap OID)
+- Alert description (containing trap data details)
+- Alert severity (mapped from trap content or default)
+- Source information
+- Raw trap data
+
+## Authentication Parameters
+
+| Parameter | Required | Description | Default |
+|-----------|----------|-------------|---------|
+| listen_address | No | IP address to listen on for SNMP traps | 0.0.0.0 |
+| port | No | UDP port to listen on for SNMP traps | 162 |
+| community | No | SNMP community string for authentication | public |
+| severity_mapping | No | JSON mapping of OID patterns to Keep severity levels | null |
+
+## Connecting with the Provider
+
+### Configuration Example
+
+Add the SNMP provider to your Keep configuration:
+
+```yaml
+providers:
+  snmp:
+    type: snmp
+    authentication:
+      listen_address: 0.0.0.0
+      port: 1162
+      community: public
+      severity_mapping: '{"1.3.6.1.6.3.1.1.5.3": "WARNING", "1.3.6.1.6.3.1.1.5.5": "CRITICAL"}'
+```
+
+### Setting Up Network Devices
+
+Configure your network devices to send SNMP traps to the Keep server IP address and port where the SNMP provider is listening.
+
+Example configuration for a Cisco device:
+```
+snmp-server enable traps
+snmp-server host <keep-server-ip> version 2c <community>
+```
+
+## Testing
+
+You can test the SNMP provider using tools like `snmptrap` to send test traps:
+
+```bash
+snmptrap -v 2c -c public <keep-server-ip>:162 '' 1.3.6.1.6.3.1.1.5.3 1.3.6.1.2.1.2.2.1.1.2 i 2
+```
+
+For testing with Docker containers, you can use the following configuration:
+
+```yaml
+services:
+  snmp-agent:
+    image: eclipse-mosquitto:latest
+    container_name: snmp-agent
+    ports:
+      - "1883:1883"
+    networks:
+      - keep_default
+
+  snmp-tools:
+    image: debian:bullseye
+    container_name: snmp-tools
+    command: tail -f /dev/null  
+    networks:
+      - keep_default
+    volumes:
+      - ./:/data
+
+networks:
+  keep_default:
+    external: true 
+```
+
+With this setup:
+1. The `snmp-agent` container runs the Eclipse Mosquitto image which can be used for message brokering
+2. The `snmp-tools` container provides a Debian environment where you can install and run SNMP tools
+3. Install SNMP tools in the container with: `docker exec snmp-tools apt-get update && docker exec snmp-tools apt-get install -y snmp snmptrapd`
+4. Generate test traps from the tools container: `docker exec snmp-tools snmptrap -v 2c -c public keep-api:162 '' 1.3.6.1.6.3.1.1.5.3 1.3.6.1.2.1.2.2.1.1.2 i 2`
+
+## Notes
+
+- The SNMP provider currently supports SNMPv2c only.
+- Port 162 is the standard port for SNMP traps and typically requires elevated privileges to bind.
+- Custom severity mapping allows you to map specific OIDs to alert severity levels.
+
+## Troubleshooting
+
+- **No traps received**: Ensure port 162 is accessible and not blocked by firewalls.
+- **Permission issues**: Binding to port 162 typically requires elevated privileges. Consider using a higher port (>1024) for testing.
+- **Mapping issues**: Check the syntax of your severity_mapping JSON string.
+
+## Useful Links
+
+- [SNMP RFC 3411](https://tools.ietf.org/html/rfc3411) - SNMP Architecture
+- [Net-SNMP Documentation](http://www.net-snmp.org/docs/)
+
+<AutoGeneratedSnippet /> 
diff --git a/docs/providers/overview.md b/docs/providers/overview.md
@@ -106,6 +106,7 @@ By leveraging Keep Providers, users are able to deeply integrate Keep with the t
 - [Site24x7](/providers/documentation/site24x7-provider)
 - [Slack](/providers/documentation/slack-provider)
 - [SMTP](/providers/documentation/smtp-provider)
+- [SNMP](/providers/documentation/snmp-provider)
 - [Snowflake](/providers/documentation/snowflake-provider)
 - [Splunk](/providers/documentation/splunk-provider)
 - [Squadcast](/providers/documentation/squadcast-provider)

diff --git a/docs/providers/overview.mdx b/docs/providers/overview.mdx
@@ -796,6 +796,14 @@ By leveraging Keep Providers, users are able to deeply integrate Keep with the t
   }
 ></Card>
 
+<Card
+  title="SNMP"
+  href="/providers/documentation/snmp-provider"
+  icon={
+    <img src="https://img.logo.dev/net-snmp.org?token=pk_dfXfZBoKQMGDTIgqu7LvYg" />
+  }
+></Card>
+
 <Card
   title="Snowflake"
   href="/providers/documentation/snowflake-provider"

diff --git a/docs/snippets/providers/snmp-snippet-autogenerated.mdx b/docs/snippets/providers/snmp-snippet-autogenerated.mdx
@@ -0,0 +1,44 @@
+{/* This snippet is automatically generated using scripts/docs_render_provider_snippets.py 
+Do not edit it manually, as it will be overwritten */}
+
+## Authentication
+This provider requires authentication.
+- **listen_address**: IP address to listen on for SNMP traps (required: False, sensitive: False)
+- **port**: UDP port to listen on for SNMP traps (required: False, sensitive: False)
+- **community**: SNMP community string for authentication (required: False, sensitive: True)
+- **severity_mapping**: JSON mapping of OID patterns to Keep severity levels (required: False, sensitive: False)
+
+Certain scopes may be required to perform specific actions or queries via the provider. Below is a summary of relevant scopes and their use cases:
+- **receive_traps**: Receive and process SNMP traps (mandatory) 
+
+
+
+## In workflows
+
+This provider can be used in workflows.
+
+
+As "step" to query data, example:
+```yaml
+steps:
+    - name: Query snmp
+      provider: snmp
+      config: "{{ provider.my_provider_name }}"
+
+
+```
+
+
+As "action" to make changes or update data, example:
+```yaml
+actions:
+    - name: Query snmp
+      provider: snmp
+      config: "{{ provider.my_provider_name }}"
+
+
+```
+
+
+
+If you need workflow examples with this provider, please raise a [GitHub issue](https://github.com/keephq/keep/issues).
diff --git a/keep-ui/public/icons/snmp-icon.png b/keep-ui/public/icons/snmp-icon.png
diff --git a/keep/providers/snmp_provider/__init__.py b/keep/providers/snmp_provider/__init__.py