Thu Mar 28 09:19:26 2013: Unknown trap (.1.3.6.1.4.1.111.15.2.0.1) received from svwddnagios01 at:
Value 0: svwddnagios01
Value 1: 10.200.48.252
Value 2: 0:0:00:00.01
Value 3: .1.3.6.1.4.1.111.15.2.0.1
Value 4: 10.200.32.51
Value 5: public
Value 6: .1.3.6.1.4.1.111.15.2
Value 7:
Value 8:
Value 9:
Value 10:
Ent Value 0: .1.3.6.1.4.1.111.15.1.1.1.10.1=This is a test message from Oracle Enterprise Manager. Receiving this message indicates a successful configuration of your SNMP Console in Enterprise Manager.
The above trap is in my snmpttunknown.log file. I don't care about that, I'll figure out the MIB issue later.
My problem is, the value of Value 0 is the name of the nagios gearman worker that forwarded the trap to the primary NagiosXI server. I've done a bunch of searching the web, but can't seem to find much on forwarding traps. Anyone know if it is possible to make sure the original sender information stays in the trap and not the forwarding server?
2 of XI5.6.14 Prod/DR/DEV - Nagios LogServer 2 Nodes
See my projects on the Exchange at BanditBBS - Also check out my Nagios stuff on my personal page at Bandit's Home and at github
I think I may have to use something like http://code.google.com/p/samplicator/ to get the end result I need. Unless someone here gives me a hint on how to do it
2 of XI5.6.14 Prod/DR/DEV - Nagios LogServer 2 Nodes
See my projects on the Exchange at BanditBBS - Also check out my Nagios stuff on my personal page at Bandit's Home and at github
Oh, and I have to do it this way because there is a firewall between the group of machines/devices/worker and the main XI server.
2 of XI5.6.14 Prod/DR/DEV - Nagios LogServer 2 Nodes
See my projects on the Exchange at BanditBBS - Also check out my Nagios stuff on my personal page at Bandit's Home and at github
We are going to try that application I linked Friday morning unless I get another idea before then. I'll let you all know the outcome.
2 of XI5.6.14 Prod/DR/DEV - Nagios LogServer 2 Nodes
See my projects on the Exchange at BanditBBS - Also check out my Nagios stuff on my personal page at Bandit's Home and at github
> Is it possible for machine A to keep/retain the IP of the
> Cisco router when forwarding the traps to machine B? Did I
> miss anything?
You did not miss anything. As strange as it may seem, originating
addresses are not considered management information in SNMP. SNMPv3 has the
notion of engineID, which is both more accurate and more widely applicable than
source IP address, but for SNMPv1/v2c there is no simple solution. Could you
perhaps change the community of the traps to something like "routername-traps",
and associate thaty community with a source in your NM
So you may have to come up with a custom solution.
Former Nagios employee
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
So, I installed that application I linked and it worked, except it re-writes the IP header so the firewall is blocking it now.
However, I stopped that application and re-enabled snmptrapd. I also got the MIB installed for the translation. Amazingly, when it gets translated it must use the value in Value4 and it was translated properly to the correct host So just using snmptrapd seems to work fine.....wow am I happy!
2 of XI5.6.14 Prod/DR/DEV - Nagios LogServer 2 Nodes
See my projects on the Exchange at BanditBBS - Also check out my Nagios stuff on my personal page at Bandit's Home and at github
Fri Mar 29 12:15:42 2013 .1.3.6.1.4.1.111.15.2.0.1 Normal "Status Events" svwddprdgrd01 - The variables included in the oraEM4Alert trap. This is a test message from Oracle Enterprise Manager. Receiving this message indicates a successful configuration of your SNMP Console in Enterprise Manager.
So apparently, the snmptt.log file is showing the originating host for the trap, but the command is being written for Nagios using the forwarding host.
2 of XI5.6.14 Prod/DR/DEV - Nagios LogServer 2 Nodes
See my projects on the Exchange at BanditBBS - Also check out my Nagios stuff on my personal page at Bandit's Home and at github
EXEC /usr/local/bin/snmptraphandling.py "$A" "SNMP Traps" "$s" "$@" "$-*" "The variables included in the oraEMNGAlert trap. $*"
This replaces the snmp trap sender hostname with the snmp trap agent(originator) host name. I'll just need to change that everywhere, but that shouldn't be an issue, as all my SNMP agents are objects with an IP. This would only cause issues for people if that was not true.
2 of XI5.6.14 Prod/DR/DEV - Nagios LogServer 2 Nodes
See my projects on the Exchange at BanditBBS - Also check out my Nagios stuff on my personal page at Bandit's Home and at github
So just using snmptrapd seems to work fine.....wow am I happy!