Nagios Support Forum

Hello, I am currently trying to implement the SNMPtrap service into my network but somehow still cannot get it to work. I have installed the SNMP Trap Configuration Wizard and followed the "Integrating_SNMP_Traps_With_XI" guidelines, so MIB files were also imported into the snmptt.conf file. I have configured my agent to send Nagios Xi the traps and I already can see them with Wireshark, but the SNMPtrap wizard cannot detect anything.
The services snmptrapd and snmptt are both running... what should I pay attention to?? how can I know if the services are properly working??

Logs in /var/log, both snmptrapd and snmptt log. My guess would be that snmptt is not correctly configured, make sure the OIDs being used are configured... This would indicate a problem with the MIB file used.

During creating this documentation this was the single biggest issue I though ppl would run into. Many devices have more then a single MIB file and even though your device sends traps it may be that the traps it uses are part of some "generic" MIB that's available else where.

Check for the specific OIDs your device is sending and make sure it's configured in snmptt.

Thanks for your reply!!, I will check it and get back to you.

Hello, I followed your advice and found out that the log files were not enabled. I have activated them (snmptt.log, snmpttsystem.log, snmpttunknown.log) in the snmptt.ini file.

This is the message I am constantly getting:
In addition, when I run "snmptt --dump" command to display the loaded events I cannot see the OID of the trap I am expecting, should I be able to see it here?? In fact, if we look into the "snmpttunknown.log" we can see that we also have something here, but unfortunately still none of them is being tranlsated
Finally this is the type of MIB I am talking about:
So far, do not if we could tell that the capture tool "snmptrapd" is working but somewhere between the "snmptt.ini" or "snmptt.conf" exists a problem like you pointed out.

I forgot to ask you, the vendor supplies two MIB files. *v1.mib & *v2c.mib. Though, I noticed that some the events in them are repeated, could that cause any conflict?? Also, all MIBs in Nagios have .txt extension, is it important??

Hope there are no so many questions... looking forward to your input... THANKS!!!

I'm not sure I follow you. However it looks like you are just having problems getting the correct MIB files. The script I wrote checks to make sure the file's name is uniq and spits out an error if it exists. This is not a problem though and the names are meaningless and they need not have an extension, AFAIK.

The problem is the OIDs. I was able to run with the same OID defined multiple times, but I did not fully test this functionality(if there is any). So in short get tcpdump or snmptrapd to expose the OIDs your device sends and then add that to the snmptt.conf file. It's unclear weather you need a MIB file or if all you need is this snmptt.conf definition.

Hello,
I did more testing on what you commented. I got the OID of the traps I was expecting, however still got the message exposed above stating that none of the traps have been translated. I looked into the log of the snmpttconvertmib.conf file, which is the file in charge of translating the mib file and append it into snmptt.conf and this is the outcome:
And as we can see the 9 supplied OIDs are translated correctly, though I do not how the variables are handled, as some of the OIDs of the traps I need to catch are variables. I checked that the paths I specify are correct and did not find any error

Another doubt I have is what we should provide in the [General] section of the snmptt.ini file for a "snmptt_system_name =" It comments that is the name of my system for the $H variable but have no clue about what that is. At the moment is empty.

Hope this give use better clue on how to go about it.

Thanks a lot!!

If I understand you correctly your OIDs are variable because they are part of an SNMP table? This is where the OID ends with a (record identifier), making some terms up here, they start with a length then a string like so OID.4."eth0" or OID.3."lo0". I never understood the conversion from letters to there numeric form, but what I do know is that each letter always seams to produce the same number.

I'm unsure is snmptt can support tables, if it does I'm sure it's documented. Though you may have to add an entry for each SNMP table record you wish to trap. Here is some shell code that might simplify this.It would also be possible to use counters to generate each and every possible OID. As indicated the format is simple OID.3.1.2.3 or OID.3.67.34.23 and OID.2.1.2 or OID.2.253.63. For every increment of the first number you'll need to add another counter and there are exponentially that many more iterations.

Hello! As far as I can see, the OID I have does not end with a "Record Identifier", but I would like to comment on some findings before going into the OID declaration. Actually, I have to comment that the snapshots I showed before were misleading. They made me believe that the traps I was getting could not be translated. But over the wekend I realize that SNMPTT was getting the wrong arguments as it was reading the traps from the wrong file. So having fixed this part, I could clearly see in the "snmptrad.log" file that the traps I was expecting are coming in. From what I can see so far, the incoming traps I am getting will get logged either as unknown or translated traps. The translated traps are shown like this:
Because now some of the traps I am expecting are getting translated, I thought I could successfully use the SNMP_TRAP_Wizard, yet the outcome is still this message:
So any ideas on what the missing thing is?? What should I expect to see instead of the "No monitoring options" message?? Also, do I have to include any template or something in my host??


Thanks again!!

Firstly the Wizard and snmptt are vary far away from each other. I'd say it'd be impossible for one to effect the other.

If you have problems with a web interface don't think it's related to a daemon unless we confirm they are related.

Next, try and think about alternative meanings... Don't assume everything you read is an indicator that something has gone wrong. The error you are reporting is a message, kind of like "This page was intentionally left blank." The message is intended to inform you that there are not options for you to configure.