Nagios Support Forum

Nothing showing up in the unknown log (hasn't been created yet, even).

System log shows:
Fri Oct 21 11:27:25 2011 SNMPTT v1.3 started
Fri Oct 21 11:27:25 2011 Loading /etc/snmp/snmptt.conf.snip
Fri Oct 21 11:27:25 2011 Finished loading 89 lines from /etc/snmp/snmptt.conf.snip
Fri Oct 21 11:27:25 2011 Loading /etc/snmp/snmptt.conf.snip
Fri Oct 21 11:27:25 2011 Finished loading 314 lines from /etc/snmp/snmptt.conf.snip
Fri Oct 21 11:27:25 2011 Loading /etc/snmp/snmptt.conf.snip
Fri Oct 21 11:27:25 2011 Finished loading 753 lines from /etc/snmp/snmptt.conf.snip
Fri Oct 21 11:27:25 2011 Loading /etc/snmp/snmptt.conf.snip
Fri Oct 21 11:27:25 2011 Finished loading 239 lines from /etc/snmp/snmptt.conf.snip
Fri Oct 21 11:27:25 2011 Loading /etc/snmp/snmptt.conf.snip
Fri Oct 21 11:27:25 2011 Finished loading 5284 lines from /etc/snmp/snmptt.conf.snip
Fri Oct 21 11:27:25 2011 Loading /etc/snmp/snmptt.conf.snip
Fri Oct 21 11:27:25 2011 Finished loading 190 lines from /etc/snmp/snmptt.conf.snip
Fri Oct 21 11:27:25 2011 Changing to UID: snmptt (504)



That is to say, traps are not showing up in that log.

snmptrapd.log shows:

2011-10-21 11:26:43 localhost [127.0.0.1] (via UDP: [snip]:35335->[snip]) TRAP, SNMP v1, community snip
.1.3.6.1.4.1.2021.13.990 Enterprise Specific Trap (17) Uptime: 3 days, 19:39:48.65
.1.3.6.1.2.1.1.6.0 = STRING: test test test 5555

Alright, I thought I had uploaded an updated script but I was mistaken. I just uploaded a new NagiosXI-SNMP script so if you could download it and rerun it

http://assets.nagios.com/downloads/nagi ... NMPTrap.sh

Will change the snmptt.ini to start logging and create the /var/log/snmptt directory.

After running that make sure the snmptt.ini was actually edited:

cat /etc/snmp/snmptt.ini | grep 'unknown_trap_log_enable ='

Should simply return:

unknown_trap_log_enable = 1

Then start sending traps and monitor the logs in /var/log/snmptt/

Also I just updated the

http://assets.nagios.com/downloads/nagi ... ith_XI.pdf

doc with advanced troubleshooting techniques with snmptt.

Yes, I had set that to '1' before.

Ran the script, it also had issues when it came to restarting snmptrapd, same errors. I killed the PID and started the service again.

The unknown traps are coming through to the unknown log, nice.

Is it safe to say at this point that the SNMP portion of the server is functioning correctly? (barring the weird snmptrapd service behaviour?)

Yes, that is safe to say, What is failing is that snmptt has no idea what to do with the traps whats it gets them, so it just dumps them to unknown, you'll need to add definitions in snmptt to do what you want with them. Its a good idea to see how its done for other OIDs, and pretty much copy that but use the OIDs you want.

I'll probably re-build another VM and see if I can reproduce the error at some point, but it's working now, so good enough to continue the deployment.

Yes, I still need to configure for the traps from this particular host, just have not done that yet. Thanks for all your help!

Okay, I ran the new SNMP script on our test VM, and now snmptrapd is exhibiting the same behaviour - pidof: invalid options on command line!

Could it be that there's a typo or something in that script? Or perhaps it updates something twice that then breaks snmptrapd?


Also...should I re-post this in the customer forum, or leave this thread here? (we are now a customer...)

Ooookay, progress!

I figured that since all other services could restart/stop/reload with no issues, it was not the 'functions' file, but most likely a problem with '/etc/init.d/snmptrapd'.

I compared the stop function in there to our old Nagios server:

Old: killproc /usr/sbin/snmptrapd
New: killproc -On -p $pidfile /usr/sbin/snmptrapd

I then checked out (on the new box) another service, like 'snmpd': killproc -p $pidfile $binary

Notice there is no '-On'.

I removed that from snmptrapd, and tried restarting/stopping. No more errors!! I checked the man page for killproc, only there isn't one. Someone else suggested 'pkill', and there is no '-On' option in there. The man page I found on the net for 'killproc' did not have anything for that either.


So, resolution seems to be remove '-On' from /etc/init.d/snmptrapd and everything should be okay. Does anyone know what '-On' is supposed to do?

Thanks for the update.

And thats also curious that On was called, its not on this man page:

http://man-wiki.net/index.php/8:killproc

Is this something that is part of your scripted SNMP install, or should someone else be notified?

Well its part of the install, but I've never seen this before. I'm not sure when the script was written, but I'll look into why the -On is on the line.