Nagios Support Forum

I'm now attempting to import some Cisco MIBs for monitoring our UCS environment. When I try to do so through the web interface, by going to Admin -> Manage MIBs -> click the "Upload a MIB" button, and check the 'process trap' radio button, I keep getting the following:

"Uploaded file had one or more failed translations when converting to snmptt mib."

I'd like to completely rebuild the MIB database, as I can't get any MIBs to upload or install. Is there a collection of standard MIBs I could start with importing?

It seems like the MIB definitions with the numerical references are stored in /etc/snmp/snmptt.conf.nxti . When attempting to add a MIB, its text is added to /etc/snmp/snmptt.conf if successful.

the directories I know MIBs wind up in are:
/usr/share/snmp/mibs
/usr/share/snmp/mibs/processed_mibs

the commands I know to run are:
addmib
- use the web interface, upload with "process trap" selected.

When I run the SNMPwalk within Nagios for a Cisco UCS that I've checked has SNMP enabled and I'm using the correct community string, I can get top level traps, but anything of real value further down the SNMP tree isn't found, and I know I need to have the correct MIBs loaded for it to work.

Any help would be greatly appreciated.

The reason why it is failing is because you need to upload them in a very specific order and you have to have all of them, there can't be any missing.

The way to do this is to look at the top of the MIB file and you will see:

IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Counter32, Gauge32, Counter64,
Integer32, TimeTicks, mib-2,
NOTIFICATION-TYPE FROM SNMPv2-SMI
TEXTUAL-CONVENTION, DisplayString,
PhysAddress, TruthValue, RowStatus,
TimeStamp, AutonomousType, TestAndIncr FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP,
NOTIFICATION-GROUP FROM SNMPv2-CONF
snmpTraps FROM SNMPv2-MIB
IANAifType FROM IANAifType-MIB;

Those from lines show you what MIBs you need to have in /usr/share/snmp/mibs (or uploaded through the web interface) but they should still be put in there.

The complicated part is that you would need to open the other MIBs from the "from" directives and make sure you have all their MIBs in place before trying to process those MIBs. You basically need to spider all the MIBs and find all the other MIBs that they depend on to make sure you start with the ones that only rely on the default MIBs/ones that are already uploaded. The example I posted all use MIBs that are there by default so you'd be fine to process that MIB.

The first thing I do when I download a MIB is make sure I download all the related MIBs that aren't on my system, then I upload them all to /usr/share/snmp/mibs and run the addmib command, if it fails, it will show more information (unlike the web UI) so you can deal with it easier.

When you run a snmpwalk it only walks the OIDs that are consecutive, it won't list out all of the OIDs, and you shouldn't need MIBs to get the OIDs, MIBs are only used to convert the long string of numbers into it's friendly name for a walk. If it doesn't have the MIB it should just show the long string of numbers.

Does that make sense? Let me know if I need to clarify anything.

"yum reinstall net-snmp-libs" should reinstall the default MIBs under /usr/share/snmp/mibs if you removed them but you'd need to run these commands after:

Thanks for the help. Currently, when I perform the SNMP walk with Nagios on the device, it sees just the string of numbers and not the user-friendly description in the MIBs I've supposedly converted.

Following your directions, I moved all of the files out of /usr/share/snmp/mibs , and ran 'yum reinstall net-snmp-libs', which put the default MIBs back in /usr/share/snmp/mibs. I then set the correct permissions / ownership.

I understand the concept of adding the MIBs in the right order, and have been doing that this morning. After I use the 'addmib' command with no errors, I check the /etc/snmp/snmptt.conf file and don't see any descriptions of objects, and just a line that states that the MIB has been converted. For instance:

MIB: CISCO-SMI (file:./CISCO-SMI.mib) converted on Fri Aug 24 08:20:54 2018 using snmpttconvertmib v1.3
#
#
#
#
MIB: CISCO-TC (file:./CISCO-ST-TC) converted on Fri Aug 24 08:33:35 2018 using snmpttconvertmib v1.3
#
#
#
#

With other MIBs, definitions follow the line with the MIB title. For example:

MIB: BRIDGE-MIB (file:./BRIDGE-MIB.txt) converted on Fri Aug 17 09:54:17 2018 using snmpttconvertmib v1.3
#
#
#
EVENT newRoot .1.3.6.1.2.1.17.0.1 "Status Events" Normal
FORMAT The newRoot trap indicates that the sending agent has $*
EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "$-*" "The newRoot trap indicates that the sending agent has $*"
SDESC
The newRoot trap indicates that the sending agent has
become the new root of the Spanning Tree; the trap is
sent by a bridge soon after its election as the new
root, e.g., upon expiration of the Topology Change Timer,
immediately subsequent to its election. Implementation
of this trap is optional.
Variables:
EDESC


Is it possible that the converter is already finding all of the objects / events defined earlier in the file so omitting them? Or is it just failing to add them altogether, but with no error message? Or am I not even checking the right file?

ssax wrote:The reason why it is failing is because you need to upload them in a very specific order and you have to have all of them, there can't be any missing.

The way to do this is to look at the top of the MIB file and you will see:

IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Counter32, Gauge32, Counter64,
Integer32, TimeTicks, mib-2,
NOTIFICATION-TYPE FROM SNMPv2-SMI
TEXTUAL-CONVENTION, DisplayString,
PhysAddress, TruthValue, RowStatus,
TimeStamp, AutonomousType, TestAndIncr FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP,
NOTIFICATION-GROUP FROM SNMPv2-CONF
snmpTraps FROM SNMPv2-MIB
IANAifType FROM IANAifType-MIB;

Those from lines show you what MIBs you need to have in /usr/share/snmp/mibs (or uploaded through the web interface) but they should still be put in there.

The complicated part is that you would need to open the other MIBs from the "from" directives and make sure you have all their MIBs in place before trying to process those MIBs. You basically need to spider all the MIBs and find all the other MIBs that they depend on to make sure you start with the ones that only rely on the default MIBs/ones that are already uploaded. The example I posted all use MIBs that are there by default so you'd be fine to process that MIB.

The first thing I do when I download a MIB is make sure I download all the related MIBs that aren't on my system, then I upload them all to /usr/share/snmp/mibs and run the addmib command, if it fails, it will show more information (unlike the web UI) so you can deal with it easier.

When you run a snmpwalk it only walks the OIDs that are consecutive, it won't list out all of the OIDs, and you shouldn't need MIBs to get the OIDs, MIBs are only used to convert the long string of numbers into it's friendly name for a walk. If it doesn't have the MIB it should just show the long string of numbers.

Does that make sense? Let me know if I need to clarify anything.

"yum reinstall net-snmp-libs" should reinstall the default MIBs under /usr/share/snmp/mibs if you removed them but you'd need to run these commands after:

Code: Select all

chmod 664 /usr/share/snmp/mibs/*.txt
chown root.nagios /usr/share/snmp/mibs/*.txt

Not all MIBs have trap definitions in them to process. Like your CISCO-SMI and CISCO-ST-TC ones, they don't have any traps defined so nothing will be added to the snmptt.conf except the line indicating there was an attempt to process it.

When the traps are sent in, which file are they going into in /var/log/snmptt? Please let us know which traps are showing up there so that we can look at what MIBs are required and try to determine what is going on.

Or are you only having issues with it showing OIDs instead of the friendly name for the snmpwalk wizard at this point?

ssax wrote: Or are you only having issues with it showing OIDs instead of the friendly name for the snmpwalk wizard at this point?

This is my problem. When I scan for with OID:

enterprises.9.9.315.1.2.1.1.2

Which should be described as:

cpsIfPortSecurityStatus

which is defined in MIB:

CISCO-PORT-SECURITY-MIB

which I have installed, along with all dependencies, when I perform the SNMP walk I still get:

OID: enterprises.9.9.315.1.2.1.1.2.10101
MIB To Use: SNMPv2-SMI

I guess I don't understand why the OID still shows as numeric, and the "MIB To Use" isn't CISCO-PORT-SECURITY-MIB. When I set MIB To Use to CISCO-PORT-SECURITY-MIB manually and check just the box for that one OID, the configuration application fails.

Can you help me understand what I'm missing here?

I think I may have found the issue, try editing this file:

And change this code (around line 374):
To this:
Then test it again.

Thanks for the quick response. What is the filename?

ssax wrote:I think I may have found the issue, try editing this file:

And change this code (around line 374):

Code: Select all

                if ($snmpversion == "3") {
                    $cmdline = "/usr/bin/snmpwalk -v " . escapeshellcmd($snmpversion) . " " . escapeshellcmd($cmdargs) . " " . escapeshellcmd(nagiosccm_replace_user_macros($address)) . ":" . escapeshellcmd(nagiosccm_replace_user_macros($port)) . " " . $useoid . " > " . $resultfile . " 2>&1 & echo $!";
                } else
                    $cmdline = "/usr/bin/snmpwalk -v " . escapeshellcmd($snmpversion) . " -c " . escapeshellcmd(nagiosccm_replace_user_macros($snmpcommunity)) . escapeshellcmd($cmdargs) . " " . escapeshellcmd(nagiosccm_replace_user_macros($address)) . ":" . escapeshellcmd(nagiosccm_replace_user_macros($port)) . " " . $useoid . " > " . $resultfile . " 2>&1 & echo $!";

To this:

Code: Select all

                if ($snmpversion == "3") {
                    $cmdline = "/usr/bin/snmpwalk -m +ALL -v " . escapeshellcmd($snmpversion) . " " . escapeshellcmd($cmdargs) . " " . escapeshellcmd(nagiosccm_replace_user_macros($address)) . ":" . escapeshellcmd(nagiosccm_replace_user_macros($port)) . " " . $useoid . " > " . $resultfile . " 2>&1 & echo $!";
                } else
                    $cmdline = "/usr/bin/snmpwalk -m +ALL -v " . escapeshellcmd($snmpversion) . " -c " . escapeshellcmd(nagiosccm_replace_user_macros($snmpcommunity)) . escapeshellcmd($cmdargs) . " " . escapeshellcmd(nagiosccm_replace_user_macros($address)) . ":" . escapeshellcmd(nagiosccm_replace_user_macros($port)) . " " . $useoid . " > " . $resultfile . " 2>&1 & echo $!";

Then test it again.

Woops, sorry about that, here is the file:

That worked! Thanks.

I have created a merge request with these changes in our system, once the developers approve/merge it then it will be added to the latest.

Are we okay to lock this thread and mark it as resolved?