Hey all,
i have Nagios Core 4.0.4 monitoring my remote Centos Server with an camera application. I imported the MIB of this application into the Nagios monitoring server and can successfully execute snmp get commands for the OIDs of thes mib.
Last week I've been trying to set up a trap configuration, since i want Nagios to send me warnings/messages as soon as a specific event has happened.
I followed this instruction:
http://paulgporter.net/2013/09/16/nagios-snmp-traps/
-I created the service
-i can perform the submit_check_result server TRAP 2 "TESTING" command, then in the webinterface i get the appropriate message
-i converted the mib with snmptt
It also works, but it is not that what i wanted to achieve. The manual uses check-host-alive command as check. But my understanding is that this is just a normal ping command.
What I want is to check like 10 OIds whether the status changes or not. I also tried to create check_commands checking the OID with snmptget, but thit didn't work.
Also, i don't understand why I should convert the mib using snmptt and then only execute a check_host_alive command?
It would be cool if someone could help me getting an other view of that issue.
BR j.
Austria, Vienna
snmp trap configuration for specific OIDs on remote device
Re: snmp trap configuration for specific OIDs on remote devi
For traps, just follow this guide:
- It still works with Core, run the installer and it will setup the backend for you.
Ignore the XI related stuff like wizard and web interface, the rest is the same process.
Make sure your service description is "SNMP Traps".
If you only wanted to alert on specific OIDs then you would remove all the other entries from your /etc/snmp/snmptt.conf file after running the addmib command on the MIB file that contains the trap definitions (addmib adds then to the snmptt.conf file).
Let me know if you have any questions.
Thank you
- It still works with Core, run the installer and it will setup the backend for you.
Code: Select all
https://assets.nagios.com/downloads/nagiosxi/docs/Integrating_SNMP_Traps_With_Nagios_XI.pdf
Make sure your service description is "SNMP Traps".
If you only wanted to alert on specific OIDs then you would remove all the other entries from your /etc/snmp/snmptt.conf file after running the addmib command on the MIB file that contains the trap definitions (addmib adds then to the snmptt.conf file).
Let me know if you have any questions.
Thank you
Re: snmp trap configuration for specific OIDs on remote devi
Hi,
thank you for your quick feedback.
I followed the steps you gave me. I also changed the service description. I also added the mib. It seems ok.
but which check_command do i have to take in the services.cfg? Do I have to create a new command?
BR
thank you for your quick feedback.
I followed the steps you gave me. I also changed the service description. I also added the mib. It seems ok.
but which check_command do i have to take in the services.cfg? Do I have to create a new command?
BR
Re: snmp trap configuration for specific OIDs on remote devi
The specific OIDs that you are looking for, are they sent from your remote device as a SNMP trap?
Is the server currently receiving them?
Can you provide more details on what you are looking for?
Is the server currently receiving them?
Can you provide more details on what you are looking for?
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: snmp trap configuration for specific OIDs on remote devi
Yes, my remote device is sending these traps as snmp traps. When I use a MIB browser application i can successfully receive this traps.OIDs that you are looking for, are they sent from your remote device as a SNMP trap?
Is the server currently receiving them?
Can you provide more details on what you are looking for?
What I am looking for is:
I want to see these traps and the belonging trap changes on the webinterface (localhost/nagios). Just like the services of the SNMP Gets. (Host alive etc.)
When a warninh or critical is triggered i want to have a measage with the OID and the name of the trap.
How do i define that in the services.cfg?
Br from Austria!
Re: snmp trap configuration for specific OIDs on remote devi
Can you take a look at this document and see if it clears it up for you at all?
http://askaralikhan.blogspot.com/2010/1 ... agios.html
http://askaralikhan.blogspot.com/2010/1 ... agios.html
Former Nagios Employee.
me.
me.
Re: snmp trap configuration for specific OIDs on remote devi
hey, thank you.hsmith wrote:Can you take a look at this document and see if it clears it up for you at all?
http://askaralikhan.blogspot.com/2010/1 ... agios.html
i have already done all steps in the document before. i also created the services. i think there is no configuring problem.
my actual status:
my remote device is configured to send traps and gets (i am able to receive GETs)
MIB imported and converted successfully (see below)
on the webinterface under services i can see the defined service
[[[[[ obelix SNMP Traps OK 02-15-2016 10:11:57 4d 1h 21m 32s 1/1 PING OK - Packet loss = 0%, RTA = 0.59 ms ]]]]]
where should the traps be shown? will it be shown on the webinterface under services instead of that "PING OK - Packet loss .....?
the remote device uses port 10020 and not 162. in order to execute a get command i need to give the submit the port as well. like this:
snmpget -v 1 -c public -O e 10.10.10.74:10020 .1.3.6.1.4.1.33687.1.1.3.1.0
how do i tell nagios to receive the traps via port 10020?
my output from the converted mib file is:
EVENT o2Event .1.3.6.1.4.1.33687.1.2.0.1 "Status Events" Normal
FORMAT Event which is generated by O2. The number $*
EXEC /usr/local/nagios/libexec/eventhandlers/submit_check_result $r TRAP 1 "Event which is generated by O2. The number $*"
SDESC
Event which is generated by O2. The number
tells the event type and the descriptor its
human-readable content.
-- 1.3.6.1.4.1.33687.1.2.0.1
Variables:
1: o2EventName
2: o2EventNumber
3: o2EventStamp
EDESC
the services:
define service {
name SNMP_TRAP
service_description SNMP Traps
active_checks_enabled 1 ; Active service checks are enabled
passive_checks_enabled 1 ; Passive service checks are enabled/accepted
parallelize_check 1 ; Active service checks should be parallelized
process_perf_data 0
obsess_over_service 0 ; We should obsess over this service (if necessary)
check_freshness 0 ; Default is to NOT check service 'freshness'
notifications_enabled 1 ; Service notifications are enabled
event_handler_enabled 1 ; Service event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information across program restarts
retain_nonstatus_information 1 ; Retain non-status information across program restarts
check_command check-host-alive ; "Event which is generated by O2. The number $*" ; This will be used to reset the service to "OK"
is_volatile 1
check_period 24x7
max_check_attempts 1
normal_check_interval 1
retry_check_interval 1
notification_interval 1
notification_period 24x7
notification_options w,u,c,r
contact_groups admins ; Modify this to match your Nagios contact group definitions
register 0
}
define service {
use SNMP_TRAP
host_name obelix
service_description SNMP Traps
check_interval 1 ; Don't clear for 2 hours
}
Re: snmp trap configuration for specific OIDs on remote devi
I see what is happening.
In your service, you have active_checks_enabled and it should not be.
What happens is when the check_interval is hit, it will trigger the active check and run the check-host-alive command clearing out the last received SNMP Trap message.
If you disable active checks, the last received SNMP trap will not be over written and display the last trap received.
Let us know if this is what you are looking for.
In your service, you have active_checks_enabled and it should not be.
What happens is when the check_interval is hit, it will trigger the active check and run the check-host-alive command clearing out the last received SNMP Trap message.
If you disable active checks, the last received SNMP trap will not be over written and display the last trap received.
Let us know if this is what you are looking for.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: snmp trap configuration for specific OIDs on remote devi
tgriep wrote:I see what is happening.
In your service, you have active_checks_enabled and it should not be.
What happens is when the check_interval is hit, it will trigger the active check and run the check-host-alive command clearing out the last received SNMP Trap message.
If you disable active checks, the last received SNMP trap will not be over written and display the last trap received.
Let us know if this is what you are looking for.
Thanks for the hint. I changed it accordingly but it had no effect.
I remarked that there is something strange. When I execute the submit_check_result command it doesn't have any effect on nagios.
/usr/local/nagios/libexec/eventhandlers/submit_check_result obelix TRAP 2 "TESTING"
I think normaly on nagios it should change the state to critical and write "TESTING" in services?
What could be wrong that i cannot submit_check_results?
btw. hostname is obelix.
All the best
Re: snmp trap configuration for specific OIDs on remote devi
I found the setting to change the listening port for the snmptrapd daemon.
Edit the /etc/snmp/snmptrapd.conf file and add the following line.
TCP:10020
Save the file and restart the snmptrapd daemon by running
service snmptrapd restart
Then check the logs in this folder to see if the server starts to receive the traps in the snmptt.log file
/var/log/snmptt/
If they show up in the snmpttunknown.log file, then the snmptt.conf file needs to be updated with the traps you want to receive.
Could you post your submit_check_result script so we can review it?
Edit the /etc/snmp/snmptrapd.conf file and add the following line.
TCP:10020
Save the file and restart the snmptrapd daemon by running
service snmptrapd restart
Then check the logs in this folder to see if the server starts to receive the traps in the snmptt.log file
/var/log/snmptt/
If they show up in the snmpttunknown.log file, then the snmptt.conf file needs to be updated with the traps you want to receive.
Could you post your submit_check_result script so we can review it?
Be sure to check out our Knowledgebase for helpful articles and solutions!