Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Ravil
Posts: 43 Joined: Thu Feb 20, 2014 9:30 pm
Post
by Ravil » Thu Feb 20, 2014 9:59 pm
Hello. I have a problem with snmptt. I have a system CentOS 6.5 and i need receive snmp trap on nagios core 3.5.1. I installed snmp, snmptrap and snmptt services. And then i use next command:
Code: Select all
snmptrap -c public -v 2c 127.0.0.1 "" 1.3.3.3.3.3.3.3 1.2.2.2.2.2.2 s "TEST"
This trap is catched by snmptrapd.log, but file snmptt.log even not created.
Config snmptt.ini:
Code: Select all
mode=daemon
net_snmp_perl_enable=1
spool_directory=/var/spool/snmptt/
use_trap_time=1
keep_unlogged_traps=1
stdout_enable=1
log_enable=1
log_file=/var/log/snmptt/snmptt.log
log_system_enable=1
log_system_file=/var/log/snmptt/snmpttsystem.log
unknown_trap_log_enable=1
unknown_trap_log_file=/var/log/snmptt/snmpttunknown.log
Config snmptrapd.conf:
Code: Select all
traphandler default /usr/sbin/snmptthandler
logoption f /var/log/snmptrap.log
disableAuthorization yes
Direcroty /var/spool/snmptt/ is empty
Help me, please. Why snmptt is not logging?
P.S. Sorry for dirty english =)
sreinhardt
-fno-stack-protector
Posts: 4366 Joined: Mon Nov 19, 2012 12:10 pm
Post
by sreinhardt » Fri Feb 21, 2014 12:33 pm
Well, have you actually received any traps? Also if you could respond with the output from the following commands.
Code: Select all
ls -lva /usr/local/bin | grep -i 'snmp\|addmib'
ls -lva /usr/local/sbin | grep -i 'snmp\|addmib'
ls -lva /usr/sbin | grep -i 'snmp\|addmib'
grep -i 'daemon_uid\|mode =' /etc/snmp/snmptt.ini
grep -i -m 5 'exec' /etc/snmp/snmptt.conf
grep -i 'nag' /etc/group
grep -i 'snmp' /etc/group
ll /var/log/snmptt/
ll -d /var/log/snmptt/
ll /var/spool/snmptt
ll -d /var/spool/snmptt
yum list installed | grep -i snmp
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.
Ravil
Posts: 43 Joined: Thu Feb 20, 2014 9:30 pm
Post
by Ravil » Sat Feb 22, 2014 5:25 am
sreinhardt wrote: Well, have you actually received any traps? Also if you could respond with the output from the following commands.
Code: Select all
ls -lva /usr/local/bin | grep -i 'snmp\|addmib'
ls -lva /usr/local/sbin | grep -i 'snmp\|addmib'
ls -lva /usr/sbin | grep -i 'snmp\|addmib'
grep -i 'daemon_uid\|mode =' /etc/snmp/snmptt.ini
grep -i -m 5 'exec' /etc/snmp/snmptt.conf
grep -i 'nag' /etc/group
grep -i 'snmp' /etc/group
ll /var/log/snmptt/
ll -d /var/log/snmptt/
ll /var/spool/snmptt
ll -d /var/spool/snmptt
yum list installed | grep -i snmp
Code: Select all
ls -lva /usr/sbin | grep -i 'snmp\|addmib'
-rwxr-xr-x. 1 root root 25972 Nov 22 22:56 snmpd
-rwxr-xr-x. 1 root root 25992 Nov 22 22:56 snmptrapd
-rwxr-xr-x 1 root root 177455 Feb 7 19:55 snmptt
-rwxr-xr-x 1 root root 3291 Feb 8 12:12 snmpttconvert
-rwxr-xr-x 1 root root 30765 Feb 7 20:05 snmpttconvertmib
-rwxr-xr-x 1 root root 6488 Feb 7 19:55 snmptthandler
grep -i 'daemon_uid\|mode =' /etc/snmp/snmptt.ini
#mode = standalone
description_mode = 0
# A second (child) process will be started as the daemon_uid user so
daemon_uid = snmptt
grep -i -m 5 'exec' /etc/snmp/snmptt.conf
#EXEC qpage -f TRAP notifygroup1 "Device reinitialized (coldStart)"
#EXEC qpage -f TRAP notifygroup1 "Device reinitialized (warmStart)"
#EXEC qpage -f TRAP notifygroup1 "Link down on interface $1. Admin state: $2. Operational state: $3"
#EXEC qpage -f TRAP notifygroup1 "Link up on interface $1. Admin state: $2. Operational state: $3"
#EXEC qpage -f TRAP notifygroup1 "SNMP authentication failure"
grep -i 'nag' /etc/group
nagios:x:500:snmptt
nagcmd:x:501:nagios,apache,snmptt
grep -i 'snmp' /etc/group
nagios:x:500:snmptt
nagcmd:x:501:nagios,apache,snmptt
snmptt:x:502:
ll /var/log/snmptt/
total 4
-rw-r--r-- 1 root root 426 Feb 8 14:39 snmpttsystem.log
ll -d /var/log/snmptt/
drwxr-xr-x 2 root root 4096 Feb 8 11:48 /var/log/snmptt/
ll /var/spool/snmptt
total 0
ll -d /var/spool/snmptt
drwxr-xr-x 2 root root 4096 Feb 7 20:04 /var/spool/snmptt
cat /var/log/snmptrapd.log
NET-SNMP version 5.5
2014-02-08 16:36:00 <UNKNOWN> [UDP: [192.168.0.5]:43412->[192.168.0.17]]:
.1.3.6.1.2.1.1.3.0 = Timeticks: (1459705) 4:03:17.05 .1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.3.3.3.3.3.3 .1.2.2.2.2.2.2 = STRING: "test message"
2014-02-08 16:36:22 <UNKNOWN> [UDP: [192.168.0.5]:49385->[192.168.0.17]]:
.1.3.6.1.2.1.1.3.0 = Timeticks: (1461925) 4:03:39.25 .1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.3.3.3.3.3.3 .1.2.2.2.2.2.2 = STRING: "test message 2222"
Ravil
Posts: 43 Joined: Thu Feb 20, 2014 9:30 pm
Post
by Ravil » Mon Feb 24, 2014 1:36 am
I received next information:
Code: Select all
[root@localhost ~]# ls -lva /usr/local/bin | grep -i 'snmp\|addmib'
-r-xr-xr-x. 1 root root 4817 Feb 20 14:42 snmpkey
[root@localhost ~]# ls -lva /usr/local/sbin | grep -i 'snmp\|addmib'
[root@localhost ~]# ls -lva /usr/local/sbin | grep -i 'snmp\|addmib'
[root@localhost ~]# grep -i 'daemon_uid\|mode =' /etc/snmp/snmptt.ini
#mode = standalone
mode = daemon
description_mode = 0
# A second (child) process will be started as the daemon_uid user so
daemon_uid = snmptt
[root@localhost ~]# grep -i -m 5 'exec' /etc/snmp/snmptt.conf
#EXEC qpage -f TRAP notifygroup1 "Device reinitialized (coldStart)"
#EXEC qpage -f TRAP notifygroup1 "Device reinitialized (warmStart)"
#EXEC qpage -f TRAP notifygroup1 "Link down on interface $1. Admin state: $2. Operational state: $3"
#EXEC qpage -f TRAP notifygroup1 "Link up on interface $1. Admin state: $2. Operational state: $3"
#EXEC qpage -f TRAP notifygroup1 "SNMP authentication failure"
[root@localhost ~]# grep -i 'nag' /etc/group
nagios:x:500:snmptt
nagcmd:x:501:nagios,apache,snmptt
[root@localhost ~]# grep -i 'snmp' /etc/group
nagios:x:500:snmptt
nagcmd:x:501:nagios,apache,snmptt
snmptt:x:502:
[root@localhost ~]# ll /var/log/snmptt/
total 2492
-rw-r--r--. 1 snmptt root 100310 Feb 24 14:34 snmpttdebug.log
-rw-r--r--. 1 snmptt root 2430783 Feb 24 08:56 snmpttdebug.log-20140223
-rw-r--r--. 1 root root 426 Feb 24 08:59 snmpttsystem.log
-rw-r--r--. 1 root root 2776 Feb 20 12:18 snmpttsystem.log-20140223
[root@localhost ~]# ll -d /var/log/snmptt/
drwxr-xr-x. 2 root root 4096 Feb 23 03:06 /var/log/snmptt/
[root@localhost ~]# ll /var/spool/snmptt
total 0
[root@localhost ~]# ll -d /var/spool/snmptt
drwxr-xr-x. 2 root root 4096 Feb 18 09:59 /var/spool/snmptt
[root@localhost ~]# yum list installed | grep -i snmp
net-snmp.x86_64 1:5.5-49.el6 @base
net-snmp-devel.x86_64 1:5.5-49.el6 @base
net-snmp-libs.x86_64 1:5.5-49.el6 @base
net-snmp-perl.x86_64 1:5.5-49.el6 @base
net-snmp-utils.x86_64 1:5.5-49.el6 @base
sreinhardt
-fno-stack-protector
Posts: 4366 Joined: Mon Nov 19, 2012 12:10 pm
Post
by sreinhardt » Mon Feb 24, 2014 12:10 pm
Looks like we have a few permissions issues. If you could run the following commands, then also rerun the commands I originally requested above, just to be sure it came out properly.
Code: Select all
chown root:nagios /etc/snmp/snmptt.ini /etc/snmp/snmptt.conf /etc/snmp /usr/local/bin/addmib
chmod g+w /etc/snmp/snmptt.ini /etc/snmp
chmod g+x /usr/local/bin/addmib
chown -R snmptt:snmptt /var/spool/snmptt /var/log/snmptt
chmod -R ug+wx /var/spool/snmptt /var/log/snmptt
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.
Ravil
Posts: 43 Joined: Thu Feb 20, 2014 9:30 pm
Post
by Ravil » Mon Feb 24, 2014 8:50 pm
sreinhardt wrote: Looks like we have a few permissions issues. If you could run the following commands, then also rerun the commands I originally requested above, just to be sure it came out properly.
Code: Select all
chown root:nagios /etc/snmp/snmptt.ini /etc/snmp/snmptt.conf /etc/snmp /usr/local/bin/addmib
chmod g+w /etc/snmp/snmptt.ini /etc/snmp
chmod g+x /usr/local/bin/addmib
chown -R snmptt:snmptt /var/spool/snmptt /var/log/snmptt
chmod -R ug+wx /var/spool/snmptt /var/log/snmptt
I received some error:
Code: Select all
[root@localhost snmptt]# chown root:nagios /etc/snmp/snmptt.ini /etc/snmp/snmptt.conf /etc/snmp /usr/local/bin/addmib
chown: cannot access `/usr/local/bin/addmib': No such file or directory
[root@localhost snmptt]# chmod g+x /etc/snmp/snmptt.ini /etc/snmp
[root@localhost snmptt]# chmod g+x /usr/local/bin/addmib
chmod: cannot access `/usr/local/bin/addmib': No such file or directory
[root@localhost snmptt]# chown -R snmptt:snmptt /var/spool/snmptt /var/log/snmptt
[root@localhost snmptt]# chmod -R ug+wx /var/spool/snmptt /var/log/snmptt
Should I create this folder? (/usr/local/bin/addmib).
I rerun your commands:
Code: Select all
[root@localhost snmptt]# ls -lva /usr/local/bin | grep -i 'snmp\|addmib'
-r-xr-xr-x. 1 root root 4817 Feb 20 14:42 snmpkey
[root@localhost bin]# ls -lva /usr/local/sbin | grep -i 'snmp\|addmib'
[root@localhost bin]# ls -lva /usr/sbin | grep -i 'snmp\|addmib'
-rwxr-xr-x. 1 root root 30744 Nov 22 23:01 snmpd
-rwxr-xr-x. 1 root root 30776 Nov 22 23:01 snmptrapd
-rwxr-xr-x. 1 root root 177455 Feb 18 10:09 snmptt
-rwxr-xr-x. 1 root root 3291 Feb 18 13:40 snmpttconvert
-rwxr-xr-x. 1 root root 30765 Feb 18 09:57 snmpttconvertmib
-rwxr-xr-x. 1 root root 6488 Feb 18 10:09 snmptthandler
[root@localhost bin]# grep -i 'daemon_uid\|mode =' /etc/snmp/snmptt.ini
#mode = standalone
mode = daemon
description_mode = 0
# A second (child) process will be started as the daemon_uid user so
daemon_uid = snmptt
[root@localhost bin]# grep -i -m 5 'exec' /etc/snmp/snmptt.conf
#EXEC qpage -f TRAP notifygroup1 "Device reinitialized (coldStart)"
#EXEC qpage -f TRAP notifygroup1 "Device reinitialized (warmStart)"
#EXEC qpage -f TRAP notifygroup1 "Link down on interface $1. Admin state: $2. Operational state: $3"
#EXEC qpage -f TRAP notifygroup1 "Link up on interface $1. Admin state: $2. Operational state: $3"
#EXEC qpage -f TRAP notifygroup1 "SNMP authentication failure"
[root@localhost bin]# grep -i 'nag' /etc/group
nagios:x:500:snmptt
nagcmd:x:501:nagios,apache,snmptt
[root@localhost bin]# grep -i 'snmp' /etc/group
nagios:x:500:snmptt
nagcmd:x:501:nagios,apache,snmptt
snmptt:x:502:
[root@localhost bin]# ll /var/log/snmptt/
total 432
-rwxrwxr--. 1 snmptt snmptt 431079 Feb 25 09:22 snmpttdebug.log
-rwxrwxr--. 1 snmptt snmptt 2366 Feb 25 09:22 snmpttsystem.log
[root@localhost bin]# ll -d /var/log/snmptt/
drwxrwxr-x. 2 snmptt snmptt 4096 Feb 25 09:21 /var/log/snmptt/
[root@localhost bin]# ll /var/spool/snmptt
total 0
[root@localhost bin]# ll -d /var/spool/snmptt
drwxrwxr-x. 2 snmptt snmptt 4096 Feb 18 09:59 /var/spool/snmptt
[root@localhost bin]# yum list installed | grep -i snmp
net-snmp.x86_64 1:5.5-49.el6 @base
net-snmp-devel.x86_64 1:5.5-49.el6 @base
net-snmp-libs.x86_64 1:5.5-49.el6 @base
net-snmp-perl.x86_64 1:5.5-49.el6 @base
net-snmp-utils.x86_64 1:5.5-49.el6 @base
Ravil
Posts: 43 Joined: Thu Feb 20, 2014 9:30 pm
Post
by Ravil » Mon Feb 24, 2014 9:55 pm
Do I understand correctly that if I don't have MIBs, SNMPTT should write trap in snmpttunknown.log?
Ravil
Posts: 43 Joined: Thu Feb 20, 2014 9:30 pm
Post
by Ravil » Tue Feb 25, 2014 9:01 am
I use snmptt 1.4
sreinhardt
-fno-stack-protector
Posts: 4366 Joined: Mon Nov 19, 2012 12:10 pm
Post
by sreinhardt » Tue Feb 25, 2014 11:38 am
You are correct, if you do not have mibs\oids added to snmptt.conf, they should show in snmpttunknown.log. Are you seeing anything in there?
Also please do not double or triple post, instead modify your last post. Otherwise it puts you to the end of the line, as we do not answer based on bumps and highest in thread, but last post time.
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.
Ravil
Posts: 43 Joined: Thu Feb 20, 2014 9:30 pm
Post
by Ravil » Tue Feb 25, 2014 9:30 pm
sreinhardt wrote: You are correct, if you do not have mibs\oids added to snmptt.conf, they should show in snmpttunknown.log. Are you seeing anything in there?
Also please do not double or triple post, instead modify your last post. Otherwise it puts you to the end of the line, as we do not answer based on bumps and highest in thread, but last post time.
No, i see nothing, except /var/log/snmptt/snmpttsystem.log and /var/log/snmptt/snmpttdebug.log
I use next snmtrap commands:
Code: Select all
snmptrap -v 1 -c public 192.168.0.124 '.1.3.6.1.2.1.1.3.0' '192.168.0.124' 6 99 '55' 1.3.6.1.2.1.1.3.0 s "test message 1"
snmptrap -v 2c -c public 192.168.0.124 "" 1.3.3.3.3.3.3.3 1.2.2.2.2.2.2 s "TEST MESSAGE"
I see these traps in /var/log/snmptrap.log, but i don't see them in /var/log/snmptt/
Nagios server has IP-address 192.168.0.124. It's mean that I send trap on localhost.
This is my snmptt.ini file:
Code: Select all
[General]
snmptt_system_name =
#mode = standalone
mode = daemon
multiple_event = 1
dns_enable = 0
strip_domain = 0
strip_domain_list = <<END
domain.com
END
resolve_value_ip_addresses = 0
net_snmp_perl_enable = 1
net_snmp_perl_cache_enable = 1
net_snmp_perl_best_guess = 0
translate_log_trap_oid = 0
translate_value_oids = 1
translate_enterprise_oid_format = 1
translate_trap_oid_format = 1
translate_varname_oid_format = 1
translate_integers = 1
mibs_environment = ALL
wildcard_expansion_separator = " "
allow_unsafe_regex = 0
remove_backslash_from_quotes = 0
dynamic_nodes = 0
description_mode = 0
description_clean = 1
threads_enable = 0
threads_max = 10
date_time_format = %H-%M-%S %Y:%m:%d
[DaemonMode]
daemon_fork = 1
daemon_uid = snmptt
pid_file = /var/run/snmptt.pid
spool_directory = /var/spool/snmptt/
sleep = 5
use_trap_time = 1
keep_unlogged_traps = 1
duplicate_trap_window = 0
[Logging]
stdout_enable = 1
log_enable = 1
log_file = /var/log/snmptt/snmptt.log
log_system_enable = 1
log_system_file = /var/log/snmptt/snmpttsystem.log
unknown_trap_log_enable = 1
unknown_trap_log_file = /var/log/snmptt/snmpttunknown.log
statistics_interval = 0
syslog_enable = 1
syslog_facility = local0
syslog_level_debug = <<END
END
syslog_level_info = <<END
END
syslog_level_notice = <<END
END
syslog_level_warning = <<END
END
syslog_level_err = <<END
END
syslog_level_crit = <<END
END
syslog_level_alert = <<END
END
syslog_level = warning
syslog_system_enable = 1
syslog_system_facility = local0
syslog_system_level = warning
[Exec]
exec_enable = 1
pre_exec_enable = 1
unknown_trap_exec =
unknown_trap_exec_format =
exec_escape = 1
[Debugging]
DEBUGGING = 2
DEBUGGING_FILE = /var/log/snmptt/snmpttdebug.log
DEBUGGING_FILE_HANDLER =
[TrapFiles]
snmptt_conf_files = <<END
END
Code: Select all
[root@localhost ~]# ps -e | grep snmptt
1015 ? 00:00:00 snmptt
1016 ? 00:00:00 snmptt
Is it normally, that SNMPTT has 2 pid???