Page 2 of 2
Re: Monitoring Deep Security 10.0 via SNMP
Posted: Tue May 22, 2018 3:02 pm
by lpereira
the files under /var/log/snmptt
[root@nagios snmptt]# ls -lrt
total 12
-rw-rw-r-- 1 snmptt root 447 May 18 17:08 snmptt.log-20180520
-rw-r--r-- 1 root root 3808 May 18 18:24 snmpttsystem.log-20180520
-rw-rw-r-- 1 snmptt root 0 May 20 03:51 snmptt.log
-rw-r--r-- 1 root root 2142 May 22 11:04 snmpttsystem.log
None of them seems to be updated with the test command i ran
Re: Monitoring Deep Security 10.0 via SNMP
Posted: Tue May 22, 2018 4:17 pm
by tgriep
Do you see any new entries in this folder?
The snmptrapd daemon puts new entries there and the snmptt daemon retrieves them.
If that folder is empty, then lets restart the daemons and try the test command again
Run this as root
Code: Select all
service snmptrapd restart
service snmptt restart
Send the test trap again.
Also, stop the firewall to see if that is still blocking the traps.
Re: Monitoring Deep Security 10.0 via SNMP
Posted: Tue May 22, 2018 4:44 pm
by lpereira
iw as finally able to get the traps...
Howver not sure how to determine if there should be more traps added on it, or this will received all the traps sent by the appliance.
Also how should i configure to send alerts?
Re: Monitoring Deep Security 10.0 via SNMP
Posted: Tue May 22, 2018 4:49 pm
by tgriep
The MIB file only had one OID in it so if the device is sending more traps, then a different MIB file is required.
You want to setup the server to send emails?
If so, take a look at this article.
https://assets.nagios.com/downloads/nag ... ios-XI.pdf
Let us know if you have any further questions.
Re: Monitoring Deep Security 10.0 via SNMP
Posted: Wed May 23, 2018 6:11 am
by lpereira
tgriep wrote:The MIB file only had one OID in it so if the device is sending more traps, then a different MIB file is required.
You want to setup the server to send emails?
If so, take a look at this article.
https://assets.nagios.com/downloads/nag ... ios-XI.pdf
Let us know if you have any further questions.
Thanks... i have already configured my Nagios to send alerts for the rest of the nodes. however i'm not sure how to Make Nagios process these particullar traps and send the emails for warning and critical
Re: Monitoring Deep Security 10.0 via SNMP
Posted: Wed May 23, 2018 2:17 pm
by tgriep
This KB article is the SNMP Trap Tutorial.
https://support.nagios.com/kb/article/n ... al-77.html
It gives examples on how to edit the Trap configuration file to create Warning and Critical Traps so email notifications will be generated when those traps are received.
Search for this section in the article.
Create Custom Events In SNMPTT
Take a look at it and if you have any questions, post them here.