Page 2 of 2
Re: 'UNKNOWN' Host within snmptt.log
Posted: Thu Jan 07, 2021 9:45 am
by kcarlson
Hello, I will try this and report back. My concern is that I now have multiple traps and hosts that are showing as 'unknown'. If this fix corrects my issue, will I need to then go in and edit each trap? These have previously worked fine before.
Thanks!
Re: 'UNKNOWN' Host within snmptt.log
Posted: Fri Jan 08, 2021 10:25 am
by ssax
Please try this:
Stop snmptt:
Then send in a trap to replicate the (null) and once you've sent it, send me the trap file from this directory:
/var/spool/snmptt.
Then once you're done, start snmptt back up again:
Then do this as well:
Edit your
/etc/snmp/snmptt.ini and set:
Then restart snmptt:
Then submit one of the traps that say (null) and after that send me this file:
Then disable debugging (set it to 0) and restart the service.
If that doesn't provide any details, please create a ticket for this and include a link back to this forum thread so we can get a remote session setup:
https://support.nagios.com/tickets/
Thank you!
Re: 'UNKNOWN' Host within snmptt.log
Posted: Tue Jan 19, 2021 10:06 am
by ssax
In addition to my previous post, please try editing this file:
Change line 3291 from this:
To this:
See if that resolves it.
Taken from here:
https://sourceforge.net/p/snmptt/bugs/46/
Re: 'UNKNOWN' Host within snmptt.log
Posted: Tue Jan 19, 2021 10:35 am
by kcarlson
Hello,
I have sent PM's with attachments you had requested. I then edited line 3291 in /usr/sbin/snmptt to the changes you had posted. I then restarted snmptt and sent a test trap. The test trap continues to show UNKNOWN as host in snmptt.log.
Thanks
Re: 'UNKNOWN' Host within snmptt.log
Posted: Wed Jan 20, 2021 2:50 pm
by ssax
EDIT: I think this is likely failing because DNS is not working and the
$r in the EXEC line requires it.
Does this command work with one of the hosts where it's showing as UNKNOWN?
- Change X.X.X.X. to the IP of the sending device
Try changing the trap EXEC line where it shows $r and change it to $aA to see if that resolves it for one of them:
From:
Code: Select all
EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "$-*" "Critical alarms are sent for service affecting $*"
To:
Code: Select all
EXEC /usr/local/bin/snmptraphandling.py "$aA" "SNMP Traps" "$s" "$@" "$-*" "Critical alarms are sent for service affecting $*"
Restart SNMPTT and then test again with the trap you modified:
If that doesn't resolve it, please create a ticket for this and include a link back to this forum thread so we can get a remote session setup:
https://support.nagios.com/tickets/
Re: 'UNKNOWN' Host within snmptt.log
Posted: Tue Feb 09, 2021 9:28 am
by kcarlson
Hello
I apologize for the long delay in getting this tested.
When performing a nslookup on that host I receive a:
** server can't find X.X.X.X.in-addr.arpa: REFUSED
When performing a nslookup against google it is successful.
I edited the particular trap I am using to test in /etc/snmp/snmptt.conf. I then restarted snmptt and went back to my device to send a test trap. The trap is still appearing in /var/log/snmptt/snmptt.log as 'UNKNOWN' but I am now receiving email notifications that a test trap was sent from that host.
Thanks!
Re: 'UNKNOWN' Host within snmptt.log
Posted: Tue Feb 09, 2021 7:45 pm
by ssax
Please create a ticket for this and include a link back to this forum thread so we can get a remote session setup:
https://support.nagios.com/tickets/
Thank you!