diff --git a/monitoring/snmp/README.md b/monitoring/snmp/README.md
new file mode 100644
index 0000000..640a114
--- /dev/null
+++ b/monitoring/snmp/README.md
@@ -0,0 +1,6 @@
+# Monitor snmp traps in nagios
+How to monitor snmp traps in nagios
+
+http://paulgporter.net/2013/09/16/nagios-snmp-traps/
+
+convert only mibs you need/want
diff --git a/monitoring/snmp/snmptrapd.conf b/monitoring/snmp/snmptrapd.conf
new file mode 100644
index 0000000..fe19fab
--- /dev/null
+++ b/monitoring/snmp/snmptrapd.conf
@@ -0,0 +1,8 @@
+# no auth at all (maybe not working)
+disableAuthorization yes
+
+# add our community with full rights
+authCommunity log,execute,net 0penfest
+
+# handle everything
+traphandle default /usr/sbin/snmptthandler
diff --git a/monitoring/snmp/snmptt.conf.cisco b/monitoring/snmp/snmptt.conf.cisco
new file mode 100644
index 0000000..7503be4
--- /dev/null
+++ b/monitoring/snmp/snmptt.conf.cisco
@@ -0,0 +1,20 @@
+# this is just a sample converted mib. follow the procedure in README.md
+EVENT ccmCLIRunningConfigChanged .1.3.6.1.4.1.9.9.43.2.0.2 "Status Events" Normal
+FORMAT This notification indicates that the running $*
+EXEC /usr/share/nagios3/plugins/eventhandlers/submit_check_result $r TRAP 2 "This notification indicates that the running $*"
+SDESC
+This notification indicates that the running
+configuration of the managed system has changed
+from the CLI.
+If the managed system supports a separate 
+configuration mode(where the configuration commands 
+are entered under a  configuration session which 
+affects the running configuration of the system), 
+then this notification is sent when the configuration 
+mode is exited.
+During this configuration session there can be 
+one or more running configuration changes.
+Variables:
+  1: ccmHistoryRunningLastChanged
+  2: ccmHistoryEventTerminalType
+EDESC
diff --git a/monitoring/snmp/snmptt.ini b/monitoring/snmp/snmptt.ini
new file mode 100644
index 0000000..13d811a
--- /dev/null
+++ b/monitoring/snmp/snmptt.ini
@@ -0,0 +1,95 @@
+[General]
+snmptt_system_name = 
+
+# way to run it (daemon to read spooled traps from snmptthandler)
+mode = daemon
+multiple_event = 1
+dns_enable = 0
+strip_domain = 1
+
+# nuke this domain substring
+strip_domain_list = <<END
+openfest.org
+END
+
+resolve_value_ip_addresses = 0
+
+# needed!!!!
+net_snmp_perl_enable = 1
+net_snmp_perl_cache_enable = 1
+net_snmp_perl_best_guess = 0
+translate_log_trap_oid = 0
+translate_value_oids = 1
+translate_enterprise_oid_format = 1
+translate_trap_oid_format = 1
+translate_varname_oid_format = 1
+translate_integers = 1
+wildcard_expansion_separator = " "
+allow_unsafe_regex = 0
+remove_backslash_from_quotes = 0
+dynamic_nodes = 0
+description_mode = 0
+description_clean = 1
+threads_enable = 0
+threads_max = 10
+
+# YEAAAH
+[DaemonMode]
+daemon_fork = 1
+daemon_uid = snmptt
+pid_file = /var/run/snmptt.pid
+spool_directory = /var/spool/snmptt/
+sleep = 5
+use_trap_time = 1
+keep_unlogged_traps = 1
+duplicate_trap_window = 5
+
+# Logging
+[Logging]
+stdout_enable = 0
+log_enable = 1
+log_file = /var/log/snmptt/snmptt.log
+log_system_enable = 1
+log_system_file = /var/log/snmptt/snmpttsystem.log
+
+# really valuable when debugging
+unknown_trap_log_enable = 1
+unknown_trap_log_file = /var/log/snmptt/snmpttunknown.log
+statistics_interval = 3600
+syslog_enable = 1
+syslog_facility = local0
+syslog_level_debug = <<END
+END
+syslog_level_info = <<END
+END
+syslog_level_notice = <<END
+END
+syslog_level_warning = <<END
+END
+syslog_level_err = <<END
+END
+syslog_level_crit = <<END
+END
+syslog_level_alert = <<END
+END
+syslog_level = warning
+syslog_system_enable = 1
+syslog_system_facility = local0
+syslog_system_level = warning
+[Exec]
+exec_enable = 1
+pre_exec_enable = 1
+unknown_trap_exec = 
+unknown_trap_exec_format = 
+exec_escape = 1
+[Debugging]
+DEBUGGING = 0
+DEBUGGING_FILE = 
+DEBUGGING_FILE_HANDLER = 
+
+# trap files with what to do
+[TrapFiles]
+snmptt_conf_files = <<END
+/etc/snmp/snmptt.conf
+/etc/snmp/snmptt.conf.cisco
+END