snmp trap configuration for specific OIDs on remote device

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
joulsn
Posts: 19
Joined: Fri Nov 06, 2015 10:42 am

snmp trap configuration for specific OIDs on remote device

Post by joulsn »

Hey all,

i have Nagios Core 4.0.4 monitoring my remote Centos Server with an camera application. I imported the MIB of this application into the Nagios monitoring server and can successfully execute snmp get commands for the OIDs of thes mib.

Last week I've been trying to set up a trap configuration, since i want Nagios to send me warnings/messages as soon as a specific event has happened.

I followed this instruction:
http://paulgporter.net/2013/09/16/nagios-snmp-traps/
-I created the service
-i can perform the submit_check_result server TRAP 2 "TESTING" command, then in the webinterface i get the appropriate message
-i converted the mib with snmptt


It also works, but it is not that what i wanted to achieve. The manual uses check-host-alive command as check. But my understanding is that this is just a normal ping command.
What I want is to check like 10 OIds whether the status changes or not. I also tried to create check_commands checking the OID with snmptget, but thit didn't work.

Also, i don't understand why I should convert the mib using snmptt and then only execute a check_host_alive command?

It would be cool if someone could help me getting an other view of that issue.

BR j. ;)
Austria, Vienna
ssax
Dreams In Code
Posts: 7682
Joined: Wed Feb 11, 2015 12:54 pm

Re: snmp trap configuration for specific OIDs on remote devi

Post by ssax »

For traps, just follow this guide:
- It still works with Core, run the installer and it will setup the backend for you.

Code: Select all

https://assets.nagios.com/downloads/nagiosxi/docs/Integrating_SNMP_Traps_With_Nagios_XI.pdf
Ignore the XI related stuff like wizard and web interface, the rest is the same process.

Make sure your service description is "SNMP Traps".

If you only wanted to alert on specific OIDs then you would remove all the other entries from your /etc/snmp/snmptt.conf file after running the addmib command on the MIB file that contains the trap definitions (addmib adds then to the snmptt.conf file).

Let me know if you have any questions.

Thank you
joulsn
Posts: 19
Joined: Fri Nov 06, 2015 10:42 am

Re: snmp trap configuration for specific OIDs on remote devi

Post by joulsn »

Hi,

thank you for your quick feedback.
I followed the steps you gave me. I also changed the service description. I also added the mib. It seems ok.

but which check_command do i have to take in the services.cfg? Do I have to create a new command?

BR
User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: snmp trap configuration for specific OIDs on remote devi

Post by tgriep »

The specific OIDs that you are looking for, are they sent from your remote device as a SNMP trap?
Is the server currently receiving them?
Can you provide more details on what you are looking for?
Be sure to check out our Knowledgebase for helpful articles and solutions!
joulsn
Posts: 19
Joined: Fri Nov 06, 2015 10:42 am

Re: snmp trap configuration for specific OIDs on remote devi

Post by joulsn »

OIDs that you are looking for, are they sent from your remote device as a SNMP trap?
Is the server currently receiving them?
Can you provide more details on what you are looking for?
Yes, my remote device is sending these traps as snmp traps. When I use a MIB browser application i can successfully receive this traps.

What I am looking for is:
I want to see these traps and the belonging trap changes on the webinterface (localhost/nagios). Just like the services of the SNMP Gets. (Host alive etc.)

When a warninh or critical is triggered i want to have a measage with the OID and the name of the trap.

How do i define that in the services.cfg?

Br from Austria!
User avatar
hsmith
Agent Smith
Posts: 3539
Joined: Thu Jul 30, 2015 11:09 am
Location: 127.0.0.1
Contact:

Re: snmp trap configuration for specific OIDs on remote devi

Post by hsmith »

Can you take a look at this document and see if it clears it up for you at all?

http://askaralikhan.blogspot.com/2010/1 ... agios.html
Former Nagios Employee.
me.
joulsn
Posts: 19
Joined: Fri Nov 06, 2015 10:42 am

Re: snmp trap configuration for specific OIDs on remote devi

Post by joulsn »

hsmith wrote:Can you take a look at this document and see if it clears it up for you at all?

http://askaralikhan.blogspot.com/2010/1 ... agios.html
hey, thank you.
i have already done all steps in the document before. i also created the services. i think there is no configuring problem.
my actual status:
my remote device is configured to send traps and gets (i am able to receive GETs)
MIB imported and converted successfully (see below)
on the webinterface under services i can see the defined service
[[[[[ obelix SNMP Traps OK 02-15-2016 10:11:57 4d 1h 21m 32s 1/1 PING OK - Packet loss = 0%, RTA = 0.59 ms ]]]]]

where should the traps be shown? will it be shown on the webinterface under services instead of that "PING OK - Packet loss .....?
the remote device uses port 10020 and not 162. in order to execute a get command i need to give the submit the port as well. like this:
snmpget -v 1 -c public -O e 10.10.10.74:10020 .1.3.6.1.4.1.33687.1.1.3.1.0
how do i tell nagios to receive the traps via port 10020?



my output from the converted mib file is:
EVENT o2Event .1.3.6.1.4.1.33687.1.2.0.1 "Status Events" Normal
FORMAT Event which is generated by O2. The number $*
EXEC /usr/local/nagios/libexec/eventhandlers/submit_check_result $r TRAP 1 "Event which is generated by O2. The number $*"
SDESC
Event which is generated by O2. The number
tells the event type and the descriptor its
human-readable content.
-- 1.3.6.1.4.1.33687.1.2.0.1
Variables:
1: o2EventName
2: o2EventNumber
3: o2EventStamp

EDESC


the services:
define service {
name SNMP_TRAP
service_description SNMP Traps
active_checks_enabled 1 ; Active service checks are enabled
passive_checks_enabled 1 ; Passive service checks are enabled/accepted
parallelize_check 1 ; Active service checks should be parallelized
process_perf_data 0
obsess_over_service 0 ; We should obsess over this service (if necessary)
check_freshness 0 ; Default is to NOT check service 'freshness'
notifications_enabled 1 ; Service notifications are enabled
event_handler_enabled 1 ; Service event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information across program restarts
retain_nonstatus_information 1 ; Retain non-status information across program restarts
check_command check-host-alive ; "Event which is generated by O2. The number $*" ; This will be used to reset the service to "OK"
is_volatile 1
check_period 24x7
max_check_attempts 1
normal_check_interval 1
retry_check_interval 1
notification_interval 1
notification_period 24x7
notification_options w,u,c,r
contact_groups admins ; Modify this to match your Nagios contact group definitions
register 0
}


define service {
use SNMP_TRAP
host_name obelix
service_description SNMP Traps
check_interval 1 ; Don't clear for 2 hours
}
User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: snmp trap configuration for specific OIDs on remote devi

Post by tgriep »

I see what is happening.
In your service, you have active_checks_enabled and it should not be.
What happens is when the check_interval is hit, it will trigger the active check and run the check-host-alive command clearing out the last received SNMP Trap message.
If you disable active checks, the last received SNMP trap will not be over written and display the last trap received.
Let us know if this is what you are looking for.
Be sure to check out our Knowledgebase for helpful articles and solutions!
joulsn
Posts: 19
Joined: Fri Nov 06, 2015 10:42 am

Re: snmp trap configuration for specific OIDs on remote devi

Post by joulsn »

tgriep wrote:I see what is happening.
In your service, you have active_checks_enabled and it should not be.
What happens is when the check_interval is hit, it will trigger the active check and run the check-host-alive command clearing out the last received SNMP Trap message.
If you disable active checks, the last received SNMP trap will not be over written and display the last trap received.
Let us know if this is what you are looking for.

Thanks for the hint. I changed it accordingly but it had no effect.
I remarked that there is something strange. When I execute the submit_check_result command it doesn't have any effect on nagios.
/usr/local/nagios/libexec/eventhandlers/submit_check_result obelix TRAP 2 "TESTING"
I think normaly on nagios it should change the state to critical and write "TESTING" in services?
What could be wrong that i cannot submit_check_results?
btw. hostname is obelix.

All the best ;)
User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: snmp trap configuration for specific OIDs on remote devi

Post by tgriep »

I found the setting to change the listening port for the snmptrapd daemon.
Edit the /etc/snmp/snmptrapd.conf file and add the following line.
TCP:10020

Save the file and restart the snmptrapd daemon by running
service snmptrapd restart
Then check the logs in this folder to see if the server starts to receive the traps in the snmptt.log file
/var/log/snmptt/
If they show up in the snmpttunknown.log file, then the snmptt.conf file needs to be updated with the traps you want to receive.

Could you post your submit_check_result script so we can review it?
Be sure to check out our Knowledgebase for helpful articles and solutions!
Locked