Hi Support
This is a continuation from the old thread. https://support.nagios.com/forum/viewto ... 16&t=47454
I am going crazy trying to figure out what is the problem with Nagios.....i have checked everything...
1) Configuations are correct because i am able to recieve traps from other systems.
2) iptable is disabled.
3) the mib file is loaded in the right place and having the correct permission.
4) tcpdump is capturing the incoming trap.
5) I even tried to add a specific catchall Event.
#
EVENT CatchAll .1.3.6.1.4.1.393.200.* "Status Events" Critical
FORMAT $*
EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "" "Host: $r; SvcDesc: $*"
#
But NOTHING is captured in snmptt.log, snmptt.debug, snmpttunknown.log and snmptthandler.debug.
I don't know what else is wrong, Nagios is just not accepting the traps from this particular system.
I have attached the snmptt.conf and tcpdump file for your reference.
Please help.
SNMP trap not captured by Nagiosxi
-
- Posts: 35
- Joined: Sun Jan 08, 2017 8:00 pm
SNMP trap not captured by Nagiosxi
You do not have the required permissions to view the files attached to this post.
Re: SNMP trap not captured by Nagiosxi
I'm not able to reproduce this but the error in the packet trace would suggest the agent(source) address in the snmptrap message is too large. Try running the following on XI and check to see if it causes anything to be logged in the logs you mentioned as well as /usr/local/nagios/var/nagios.log:
snmptrap -v 1 -c public 10.254.98.200 1.3.6.1.4.1.393.200.50.66 10.252.40.243 6 2 '' 1.3.6.1.4.1.393.200.50.66.1.1 s 5468652053796d616e7465632050726f74656374696f6e20456e67696e6520686173206a7573742073746172746564207570 1.3.6.1.4.1.393.200.50.66.1.2 s 31302e3235322e34302e323433 1.3.6.1.4.1.393.200.50.66.1.3 i 1344 1.3.6.1.4.1.393.200.50.66.1.44 s 313130 1.3.6.1.4.1.393.200.50.66.1.51 s 496e666f726d6174696f6e
snmptrap -v 1 -c public 10.254.98.200 1.3.6.1.4.1.393.200.50.66 10.252.40.243 6 2 '' 1.3.6.1.4.1.393.200.50.66.1.1 s 5468652053796d616e7465632050726f74656374696f6e20456e67696e6520686173206a7573742073746172746564207570 1.3.6.1.4.1.393.200.50.66.1.2 s 31302e3235322e34302e323433 1.3.6.1.4.1.393.200.50.66.1.3 i 1344 1.3.6.1.4.1.393.200.50.66.1.44 s 313130 1.3.6.1.4.1.393.200.50.66.1.51 s 496e666f726d6174696f6e
You do not have the required permissions to view the files attached to this post.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
-
- Posts: 35
- Joined: Sun Jan 08, 2017 8:00 pm
Re: SNMP trap not captured by Nagiosxi
Hi Support
After executing the suggested command line, i received the following messages in various logs.
/usr/local/nagios/var/nagios.log
[1529891687] Warning: Passive check result was received for service 'SNMP Traps' on host '10.254.98.200', but the host could not be found!
[1529891687] Error: External command failed -> PROCESS_SERVICE_CHECK_RESULT;10.254.98.200;SNMP Traps;2;Host: 10.254.98.200; SvcDesc: 5468652053796d616e7465632050726f74656374696f6e20456e67696e6520686173206a7573742073746172746564207570 31302e3235322e34302e323433 1344 313130 496e666f726d6174696f6e
[1529891687] External command error: Command failed
/var/log/messages
Jun 25 09:57:09 NFVI-COMMON-NAGIOS-01 snmptt[28045]: .1.3.6.1.4.1.393.200.50.66.0.2 Critical "Status Events" 10.252.40.243 - 5468652053796d616e7465632050726f74656374696f6e20456e67696e6520686173206a7573742073746172746564207570 31302e3235322e34302e323433 1344 313130 496e666f726d6174696f6e
Jun 25 09:57:09 NFVI-COMMON-NAGIOS-01 nagios: Warning: Passive check result was received for service 'SNMP Traps' on host '10.254.98.200', but the host could not be found!
Jun 25 09:57:09 NFVI-COMMON-NAGIOS-01 nagios: Error: External command failed -> PROCESS_SERVICE_CHECK_RESULT;10.254.98.200;SNMP Traps;2;Host: 10.254.98.200; SvcDesc: 5468652053796d616e7465632050726f74656374696f6e20456e67696e6520686173206a7573742073746172746564207570 31302e3235322e34302e323433 1344 313130 496e666f726d6174696f6e
Jun 25 09:57:09 NFVI-COMMON-NAGIOS-01 nagios: External command error: Command failed
/var/log/snmptt/snmptt.log
Mon Jun 25 09:54:45 2018 .1.3.6.1.4.1.393.200.50.66.0.2 Critical "Status Events" 10.252.40.243 - 5468652053796d616e7465632050726f74656374696f6e20456e67696e6520686173206a7573742073746172746564207570 31302e3235322e34302e323433 1344 313130 496e666f726d6174696f6e
After executing the suggested command line, i received the following messages in various logs.
/usr/local/nagios/var/nagios.log
[1529891687] Warning: Passive check result was received for service 'SNMP Traps' on host '10.254.98.200', but the host could not be found!
[1529891687] Error: External command failed -> PROCESS_SERVICE_CHECK_RESULT;10.254.98.200;SNMP Traps;2;Host: 10.254.98.200; SvcDesc: 5468652053796d616e7465632050726f74656374696f6e20456e67696e6520686173206a7573742073746172746564207570 31302e3235322e34302e323433 1344 313130 496e666f726d6174696f6e
[1529891687] External command error: Command failed
/var/log/messages
Jun 25 09:57:09 NFVI-COMMON-NAGIOS-01 snmptt[28045]: .1.3.6.1.4.1.393.200.50.66.0.2 Critical "Status Events" 10.252.40.243 - 5468652053796d616e7465632050726f74656374696f6e20456e67696e6520686173206a7573742073746172746564207570 31302e3235322e34302e323433 1344 313130 496e666f726d6174696f6e
Jun 25 09:57:09 NFVI-COMMON-NAGIOS-01 nagios: Warning: Passive check result was received for service 'SNMP Traps' on host '10.254.98.200', but the host could not be found!
Jun 25 09:57:09 NFVI-COMMON-NAGIOS-01 nagios: Error: External command failed -> PROCESS_SERVICE_CHECK_RESULT;10.254.98.200;SNMP Traps;2;Host: 10.254.98.200; SvcDesc: 5468652053796d616e7465632050726f74656374696f6e20456e67696e6520686173206a7573742073746172746564207570 31302e3235322e34302e323433 1344 313130 496e666f726d6174696f6e
Jun 25 09:57:09 NFVI-COMMON-NAGIOS-01 nagios: External command error: Command failed
/var/log/snmptt/snmptt.log
Mon Jun 25 09:54:45 2018 .1.3.6.1.4.1.393.200.50.66.0.2 Critical "Status Events" 10.252.40.243 - 5468652053796d616e7465632050726f74656374696f6e20456e67696e6520686173206a7573742073746172746564207570 31302e3235322e34302e323433 1344 313130 496e666f726d6174696f6e
-
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: SNMP trap not captured by Nagiosxi
You need to run the SNMP Trap wizard and add the host 10.254.98.200
Then they will show up in the interface
Then they will show up in the interface
-
- Posts: 35
- Joined: Sun Jan 08, 2017 8:00 pm
Re: SNMP trap not captured by Nagiosxi
As per advise, i have added the host 10.254.98.200 and now i am able to see trap on Nagios.
With this test, does it mean that there was some issue with the agent(source) address as shown in the trace?
With this test, does it mean that there was some issue with the agent(source) address as shown in the trace?
-
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: SNMP trap not captured by Nagiosxi
No. You still need to add all the hosts you are going to receive traps from with the SNMP Trap wizardnfv_nagios wrote:With this test, does it mean that there was some issue with the agent(source) address as shown in the trace?
-
- Posts: 35
- Joined: Sun Jan 08, 2017 8:00 pm
Re: SNMP trap not captured by Nagiosxi
Oh, sorry, maybe i didn't comm clearly in the beginning of the thread.
I have already added host (10.252.40.243) to receive traps.
The problem is nothing get log in Nagios when this particular host send SNMP traps.
Then cdienger mentioned that the packet trace suggest the agent(source) address in the snmptrap message is too large.
So i thought by performing the test is to confirm if the agent(source) address had anything to do with Nagios not having anything records.
I have already added host (10.252.40.243) to receive traps.
The problem is nothing get log in Nagios when this particular host send SNMP traps.
Then cdienger mentioned that the packet trace suggest the agent(source) address in the snmptrap message is too large.
So i thought by performing the test is to confirm if the agent(source) address had anything to do with Nagios not having anything records.
-
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: SNMP trap not captured by Nagiosxi
you would want to check /var/log/snmptt/snmpttunknown.log to see if 10.252.40.243 is sending traps that are not matching any of the configuration in the snmptt.ini
If it is logging in /var/log/messages it is being received and should be in one of the snmptt logs
If it is logging in /var/log/messages it is being received and should be in one of the snmptt logs