sorry for delay , but this case after fixed , it appears again. although I manually reclassify the trap in snmptt.conf .
also there isn't find the mibs in these paths /etc/snmp/snmptt.ini.
and these paths not found
/usr/share/snmp/mibs/processed_mibs/smscagent.mib.txt
/usr/share/snmp/mibs/processed_mibs/smscagentb.mib.txt
how can I fix that.
classifying Traps
-
hanya.radwan
- Posts: 194
- Joined: Tue Feb 25, 2014 6:12 am
- Location: palestine
Re: classifying Traps
Please attach your /etc/snmp/snmptt.conf and your /etc/snmp/snmptt.ini, it'll give us a better idea of any changes.
-
hanya.radwan
- Posts: 194
- Joined: Tue Feb 25, 2014 6:12 am
- Location: palestine
Re: classifying Traps
the files attached
You do not have the required permissions to view the files attached to this post.
Re: classifying Traps
Ok, here's an example:
Using your latest one, if I use grep on your snmptt conf files (all of them are listed at the bottom of /etc/snmp/snmptt.ini), this line will search through all your conf files:
You will see that you have duplicate entries in there, you should be able to remove the duplicates or change them all but make sure that they are the exact same ones (Name, OID, Match, etc).
Using your latest one, if I use grep on your snmptt conf files (all of them are listed at the bottom of /etc/snmp/snmptt.ini), this line will search through all your conf files:
Code: Select all
grep -n 'smscSiwplmnWarningTrap' /etc/snmp/*.conf-
hanya.radwan
- Posts: 194
- Joined: Tue Feb 25, 2014 6:12 am
- Location: palestine
Re: classifying Traps
I deleted all repeated traps, and when apply the below for each trap , the result just one .
[root@nms snmp]# grep -n 'smscSiwplmnWarningTrap' /etc/snmp/*.conf
/etc/snmp/snmptt.conf
EVENT smscSiwplmnWarningTrap .1.3.6.1.4.1.3830.1.1.2.2.1.0.2024 "Status Events" Warning
also I modified snmptt.ini and delete any conf file related to these mibs , and restart snmptt, but the problem still.
also most of traps went to snmpttunknown.log, and stop appear on nagiosxi notificatiins after me changing the traps classifications manually.
[root@nms snmp]# grep -n 'smscSiwplmnWarningTrap' /etc/snmp/*.conf
/etc/snmp/snmptt.conf
EVENT smscSiwplmnWarningTrap .1.3.6.1.4.1.3830.1.1.2.2.1.0.2024 "Status Events" Warningalso I modified snmptt.ini and delete any conf file related to these mibs , and restart snmptt, but the problem still.
also most of traps went to snmpttunknown.log, and stop appear on nagiosxi notificatiins after me changing the traps classifications manually.
You do not have the required permissions to view the files attached to this post.
Re: classifying Traps
I'm seeing this in the original snmptt.conf you posted:
And I'm seeing this in the new one:
I think you removed too much.
Code: Select all
EVENT smscInternalMajorTrap .1.3.6.1.4.1.3830.1.1.2.2.1.0.52 "Status Events" Normal
FORMAT Internal status information of the agent $*
EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "$-*" "Internal status information of the agent $*"
SDESC
Internal status information of the agent
NOTIFICATIONID-VARIABLE: trapNotificationId
SEVERITY-VARIABLE: trapSeverity
ADDITIONAL-TEXT-VARIABLES: {trapData}
MANAGEDOBJECT-DEFAULT: smscAgent
Variables:
1: trapNotificationId
2: trapSeverity
3: trapData
4: trapTimeStamp
EDESCCode: Select all
EVENT smscInternalMajorTrap .1.3.6.1.4.1.3830.1.1.2.2.1.0.52 "Status Events" Critical
FORMAT Internal status information of the agent $*
EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "$1" "Internal status information of the agent $*"
MATCH $1: 1
MATCH $1: 2
MATCH $1: 5-
Box293
- Too Basu
- Posts: 5126
- Joined: Sun Feb 07, 2010 10:55 pm
- Location: Deniliquin, Australia
- Contact:
Re: classifying Traps
Looking at the first couple of in your unknown log, they are all similar, here is one:
Now to refer to this:
So $1 that is trying to be matched against is this:
$1 = Ent Value 0
So your MATCH is not matching anything as the value of Ent Value 0 ($1) is 3 and your MATCHES are:
You could add 3 as well:
Does that make sense?
Code: Select all
Sun Apr 19 03:28:27 2015: Unknown trap (.1.3.6.1.4.1.3830.1.1.2.2.1.0.52) received from 192.168.10.71 at:
Value 0: 192.168.10.71
Value 1: 192.168.10.71
Value 2: 24:9:21:28.95
Value 3: .1.3.6.1.4.1.3830.1.1.2.2.1.0.52
Value 4: 192.168.10.204
Value 5: Jawwal-snmp
Value 6: .1.3.6.1.4.1.3830.1.1.2.2.1
Value 7:
Value 8:
Value 9:
Value 10:
Ent Value 0: .1.3.6.1.4.1.3830.1.1.2.1.1.1=3
Ent Value 1: .1.3.6.1.4.1.3830.1.1.2.1.1.2=2
Ent Value 2: .1.3.6.1.4.1.3830.1.1.2.1.1.3=%SMSA-E-POLLERR, Polling the SMSC was not successful.
Ent Value 3: .1.3.6.1.4.1.3830.1.1.2.1.1.4=OPCOM
Ent Value 4: .1.3.6.1.4.1.3830.1.1.2.1.1.5=19-APR-2015 03:27:10.70
Ent Value 5: .1.3.6.1.4.1.3830.1.1.2.1.1.6=SMJL51Code: Select all
EVENT smscInternalMajorTrap .1.3.6.1.4.1.3830.1.1.2.2.1.0.52 "Status Events" Critical
FORMAT Internal status information of the agent $*
EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "$1" "Internal status information of the agent $*"
MATCH $1: 1
MATCH $1: 2
MATCH $1: 5So $1 that is trying to be matched against is this:
Code: Select all
Ent Value 0: .1.3.6.1.4.1.3830.1.1.2.1.1.1=3So your MATCH is not matching anything as the value of Ent Value 0 ($1) is 3 and your MATCHES are:
Code: Select all
MATCH $1: 1
MATCH $1: 2
MATCH $1: 5Code: Select all
MATCH $1: 1
MATCH $1: 2
MATCH $1: 3
MATCH $1: 5As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.