Re: SNMP Trap notification question

Posted: Tue Nov 17, 2015 7:43 pm
by Box293
OK so now you're starting to head into the "complicated stuff" with SNMP. All of the data you want is there, it just needs to be accessed the correct way.

First let's touch on the EXEC lines.

Using an example from my server:

Code:

EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "$-*" "The SNMP trap that is generated as a result of an event with the service $*"

The arguments being sent also include variables which are explained below:
<HOST> = "$r"
"$r" = The hostname of the device that sent the trap to this server

<SERVICE> = "SNMP Traps"
The name of the service we are sending a Passive check for is "SNMP Traps"

<SEVERITY> = "$s"
"$s" = the SEVERITY defined in the EVENT line (in this case it is Normal)

<TIME> = "$@"
"$@" = the EPOCH value of when the trap was received

<PERFDATA> = "$-*"
$* means it will expand all the variables (OBJECTS) that were sent with the trap in the format of “variable name (variable type):value”
nSvcHostname (OCTETSTR):CentOS nSvcDesc (OCTETSTR):Users nSvcStateID (INTEGER):0 nSvcOutput (OCTETSTR):USERS OK - 0 users currently logged in

<DATA> = "The SNMP trap that is generated as a result of an event with the service $*"
$* means it will expand all the variables (OBJECTS) that were sent with the trap (exactly the same as the FORMAT line)
In relation to this:
<PERFDATA> = "$-*"
The perfdata is not relevant so let's ditch it. Simply remove $-* from the EXEC line (just leave the double quotes)

Code:

EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "" "The SNMP trap that is generated as a result of an event with the service $*"

Now this line:
<DATA> = "The SNMP trap that is generated as a result of an event with the service $*"
$* means it will expand all the variables (OBJECTS) that were sent with the trap (exactly the same as the FORMAT line)

Basically anything in-between the last set of double quotes is what appears in your service status.
$* is expanding all the variables ... but you can also access them via $1, $2 etc etc.

How do you know what each object is?

This is the bit where I get frustrated but here's how I work it out.

Comment out the entire EVENT in your snmptt.conf file (the EVENT, FORMAT and EXEC lines).
Restart the snmptt service.
Now these received traps will go into /var/log/snmptt-unknown.log
Here's an example of one:
[Image: 03 Trap in snmpttunknown.png]
"Ent Value 0" = $1
"Ent Value 1" = $2
and so on.

You could have the last DATA part like:

Code:

"The service $2 for the computer $1 had the output of $3"

So your final EXEC line will be something like:

Code:

EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "" "The service $2 for the computer $1 had the output of $3"

You just need to determine what variable your objects reside in.

This documentation is pretty helpful:
http://snmptt.sourceforge.net/docs/snmp ... ONF-FORMAT
derekb wrote: I did that earlier. All that does is show me the IP address of the device sending the trap, and it shows up as an unconfigured object for each device sending the trap.

For my example, the device is 192.168.1.161. Fine, I can accept the unconfigured object and add it per normal. But what happens if another customer has a device with the same IP address? I won't be able to add that device since there will be a duplicate.

To get more complicated,
<HOST> = "$r"
"$r" = The hostname of the device that sent the trap to this server

<SERVICE> = "SNMP Traps"
The name of the service we are sending a Passive check for is "SNMP Traps"
If the device address was in the variable $2 then instead of using $r you could use $2.

The "SNMP Traps" is just the name of the service in Nagios that snmptt is targeting for the results. This could be "Pink Elephants Like Red Shoes".

Let's say you have 10 cameras per customer.
Each site has a naming standard like AAA, BBB, CCC.
All cameras at site AAA have AAA in the variable $6
All cameras at site BBB have BBB in the variable $6
Each camera's IP address is in $2

You could have an SNMP service per camera; using variables you could have a dynamic service name like:
"SNMP Traps - Site $6 - Camera $2"

Code:

EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps - Site $6 - Camera $2" "$s" "$@" "" "The service $2 for the computer $1 had the output of $3"

So there would be services called:
SNMP Traps - Site AAA - Camera 192.168.167.1
SNMP Traps - Site AAA - Camera 192.168.167.2
SNMP Traps - Site BBB - Camera 192.168.192.15
and so on

This is getting quite complicated but hopefully there is some information here to help you achieve what you need.
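
A way to preview the $n mapping described in the post above for an entry from snmptt-unknown.log, as an added example that is not part of the original post and not snmptt's own code: it parses the "Ent Value N" lines, expands a template, and rejects a generated service name containing characters outside a whitelist, since varbind text is chosen by whoever sent the trap. The sample entry, the 99999 OIDs, the function names and the whitelist are assumptions made for the example.

```python
import re

# Constructed entry in the layout of /var/log/snmptt-unknown.log (not a real capture;
# the 99999 enterprise OID and all values are made up for this example).
SAMPLE = """\
Tue Nov 17 19:40:02 2015: Unknown trap (.1.3.6.1.4.1.99999.0.1) received from cam-gw at:
Value 0: cam-gw
Value 1: 192.0.2.10
Value 2: 0:00:10:00.00
Ent Value 0: .1.3.6.1.4.1.99999.1.1=CentOS
Ent Value 1: .1.3.6.1.4.1.99999.1.2=192.168.167.1
Ent Value 2: .1.3.6.1.4.1.99999.1.3=USERS OK - 0 users (0%); none logged in
Ent Value 3: .1.3.6.1.4.1.99999.1.4=AAA
"""

ENT_LINE = re.compile(r"^Ent Value (\d+): ([^=]*)=(.*)$")
VAR_REF = re.compile(r"\$(\d+)")
# Policy chosen for this example: characters allowed in a generated service name.
NAME_OK = re.compile(r"[A-Za-z0-9 ._-]+")

def parse_ent_values(entry):
    """Return {n: (oid, value)} where n is the $n number ("Ent Value 0" is $1)."""
    found = {}
    for line in entry.splitlines():
        m = ENT_LINE.match(line)
        if m:
            found[int(m.group(1)) + 1] = (m.group(2), m.group(3))
    return found

def expand(template, varbinds):
    """Preview a DATA or service string; a $n the trap did not carry raises KeyError."""
    return VAR_REF.sub(lambda m: varbinds[int(m.group(1))][1], template)

def service_name(template, varbinds):
    """Expand a service-name template and reject results outside NAME_OK."""
    name = expand(template, varbinds)
    if not NAME_OK.fullmatch(name):
        raise ValueError("unsafe service name from trap data: %r" % name)
    return name

if __name__ == "__main__":
    vb = parse_ent_values(SAMPLE)
    for n, (oid, value) in sorted(vb.items()):
        print("$%d  %s  %r" % (n, oid, value))
    print(service_name("SNMP Traps - Site $4 - Camera $2", vb))
```
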

Re: SNMP Trap notification question

Posted: Fri Nov 20, 2015 9:29 am
by derekb
That was super helpful!

I'm stuck at one part... I'm testing in a lab environment right now. I commented out the EVENT in snmptt.conf on the XI server. This is how the trap is received:

Code:

Fri Nov 20 09:07:26 2015: Unknown trap (.1.3.6.1.4.1.24681.1.10.0.2) received from 173-246-159-38 at:
Value 0: 173-246-159-38
Value 1: 173.246.159.38
Value 2: 7:19:39:11.78
Value 3: .1.3.6.1.4.1.24681.1.10.0.2
Value 4: 192.168.1.161
Value 5: public
Value 6: .1.3.6.1.4.1.24681.1.10
Value 7:
Value 8:
Value 9:
Value 10:
Ent Value 0: .1.3.6.1.4.1.24681.1.1.102.0=[Pool 1] Storage pool used size has hit its threshold (80%). Free size is 0 Byte. Low storage space may affect the performance of accessing files, please expand the capacity of the storage pool as soon as possible.

What variable can I use to access Value 1, Value 2, Value 3, etc.? For example, I want to reference Value 4, and $4 doesn't allow me to do that.

Also, I can only get NAGIOS to see the hostname as the WAN IP of the RaspberryPi (173-246-159-38). If I change from $r to something like $A for the hostname, it just populates the IP Address of the device that sent the trap. I can never get an actual text name in there it seems. I'm trying to get the hostname/address of the SNMP Trap service to be the same as the hostname of the device I have running NRDP. Otherwise, if I just accept the hostname/address that shows in Unconfigured Objects, it's going to add another host and take away from my node-count since we don't have unlimited node license. I need a way to associate the SNMP Trap services with the existing host that I already have running NRDP....

Help!

Re: SNMP Trap notification question

Posted: Fri Nov 20, 2015 10:55 am
by tmcdonald
I see you've opened a ticket for this, so I will be closing this thread and we will continue in the ticket.