Nagios Support Forum

Hi guys,

I'm having a trouble where Nagios sends notification by email for the same trap from the same host multiple times in exactly the same intervals - 5 seconds in between. In case of our Juniper routers, Juniper indeed sends same trap when link fails multiple times, but Cisco sends only one trap for interface, yet Nagios sends multiple emails, and they are always 5-6 seconds apart.

So when a link fails, i get 2-7 emails for the same interface.

Is there a way to suppress sending same notification for same OID for the same host so that I could only get

I'm reading both SNMPTT and Nagios documentation, but I couldn't find anything.

The closest thing is setting volatile parameter to 0, but that suppresses sending trap for same interface indefinitely or at least it's cleared.

This is my configuration for the service:

I would really be thankful for help on this.

Kind Regards

Could this be due to the contact group admins? If you look in the service detail history, do you see nagios catching several traps for this? Generally this only happens in a few very select cases, trap spooler not clearing properly, multiple contacts with email addresses that send to same or similar people, or actually receiving multiple traps. If it is truly the third option, there isn't too much that can be done unless you want to modify snmptrapsender.py to respect not sending to nagios the multiple traps.

Thanks.

It looks like host is indeed sending multiple traps for on event.

I'm running Nagios Core on OpenBSD, and there's no snmptrapsender.py on this host.

snmptt calls submit_check_result which then calls /var/www/var/nagios/rw/nagios.cmd.

Can you suggest a best way to say allow processing of only one trap per host per second? This way I could avoid huge amount of spamming.

Kind regards

I discovered duplicate_trap_window in snmptt.ini configuration file. It does exactly what I need, suppresses reporting of same event to Nagios for a configurable amount of time. Can't see how I missed this one.

The snpmtt has to run in daemon mode, which I configured. I also turned on debug because Nagios now wouldn't receive anything from snmptt. This is weird because you can clearly see that EXEC is being called, for example:

OID of received trap: .1.3.6.1.6.3.1.1.5.3. Will attempt to translate to text
Translated to linkDown
EXEC command:/usr/local/libexec/nagios/eventhandlers/submit_check_result "myrouter" "linkDown_trap" "2" "117 up down xe-0/0/2"
Processing file: #snmptt-trap-1394303545458195

Could anyone please try and help me out with this?

Problem solved.

(I'm talking to myself in this thread).

Thanks.

Sorry we didn't get to you sooner, you caught us on the weekend.

I'll mark this as solved and close the thread now. Feel free to open another if you need help in the future.