From 1c2b63638b84ddd610500822e93cdde6bb027a41 Mon Sep 17 00:00:00 2001
From: rfaircloth-splunk <rfaircloth@splunk.com>
Date: Wed, 25 Mar 2020 17:01:23 -0400
Subject: [PATCH] trap not traps

---
 package/etc/conf.d/conflib/_common/templates.conf    | 2 +-
 package/etc/conf.d/log_paths/lp-snmp_traps.conf.tmpl | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package/etc/conf.d/conflib/_common/templates.conf b/package/etc/conf.d/conflib/_common/templates.conf
index d428a86..1c4259a 100644
--- a/package/etc/conf.d/conflib/_common/templates.conf
+++ b/package/etc/conf.d/conflib/_common/templates.conf
@@ -87,6 +87,6 @@ template t_JSON_5424 {
     };
 
 
-template t_snmp_traps {
+template t_snmp_trap {
     template('$(format-json .snmp.* --rekey .snmp.* --shift-levels 2)');
     };
\ No newline at end of file
diff --git a/package/etc/conf.d/log_paths/lp-snmp_traps.conf.tmpl b/package/etc/conf.d/log_paths/lp-snmp_traps.conf.tmpl
index 6e74397..66b22cc 100644
--- a/package/etc/conf.d/log_paths/lp-snmp_traps.conf.tmpl
+++ b/package/etc/conf.d/log_paths/lp-snmp_traps.conf.tmpl
@@ -6,10 +6,10 @@ log {
             );
         };
 
-    rewrite { r_set_splunk_dest_default(sourcetype("snmp:traps"), index("main"))};
-    parser {p_add_context_splunk(key("snmp_traps")); };
+    rewrite { r_set_splunk_dest_default(sourcetype("snmp:trap"), index("main"))};
+    parser {p_add_context_splunk(key("snmp_trap")); };
 
-    rewrite { set("$(template ${.splunk.sc4s_template} $(template t_snmp_traps))" value("MSG")); };
+    rewrite { set("$(template ${.splunk.sc4s_template} $(template t_snmp_trap))" value("MSG")); };
 
 {{- if or (conv.ToBool (getenv "SC4S_DEST_SPLUNK_HEC_GLOBAL" "yes")) (conv.ToBool (getenv "SC4S_DEST_SNMP_TRAPS_HEC" "no")) }}
     destination(d_hec);