Nagios Support Forum

Hi,
I see that trap sender sends traps out right away rather than waiting a bit and not sending if an alert is cancelled. I have a delay set up in a host/service templates so if an alert is cancelled in the delay period, Nagios cleverly doesn't send notifications. I'd like to have something similar for the trap sender, so the traps sent more closely match the notifications.

Has anyone created something like this?

My thought is to replace the trap sender (snmptrap) or modify the .php file to use a script, and insert the traps into a table. Then have a service running say every 5 minutes to select from the table and if there's been an ok in the delay window, delete the alert and the ok. If the delay's been exceeded, send the send a trap and delete the row.

I'm thinking the table would have timestamp, trap destination, host, service, and alert text columns. The table will be cleaned up every few minutes so it would never get a lot of rows in it.

There was a feature request to make the trap sender configurable, which would simplify things.

A trap fed to snmptrap looks like this:
10.x.x.x:1162 hostname Log_Unix_System "WARNING: /var/log/messages contains 1 new instances of: error crit alert emerg. Last message:"

We don't have anything like that built in that I am aware of. The trap sender I believe operates as an event handler and not a notification, so the delay rules would not take effect. This would need to be added by the devs if it was going to be something we could support.

I was wondering if someone had set up something similar not asking if it was already in XI. It obviously isn't. I probably should have posted in general, not customer support...
Its also apparent that trap sending is separate from notifications, which is why I asked the question.

After thinking about it, here would be the general process that would need to occur:

1. Generate SNMP trap and cache it somewhere.
2. Wait the configured amount of time.
3. Check the state of the service/host again.
4. If still same state send, else discard.

While it shouldn't be that difficult to implement, it will require a bit of logic/coding, would you like me to submit a feature request for it?

We can leave it open for a few days to see if anyone else chimes in with a solution. Would you like me to move it to the general forum?

What you've outlined is the same as what I described in post 1, and I'm aware that it requires some coding.
Yes, please create a feature request.

Feature request created with a link back to this thread:

Thanks!
Is there a way for users to check feature requests? There's another one created some time ago about filtering traps I think.
Also I'd like to be able to configure the trap sender so I can replace it. I edited the trap sender .php file but the system didn't like that at all...

Unfortunately there isn't a way for customers to check the status at this time, usually you can just post in the original topic and ask for us to check.

I was the one who submitted the other one for you as well, I checked the status and there hasn't been any movement on it yet but it hasn't been canceled so that's a good sign. It's entirely up to the developers if/when they implement a feature depending on their priorities.

You should be able to edit the trap sender .php file without issue, the only times it really causes problems is if you have a PHP syntax error. Did you receive any errors?

Thank you

My reply seems to have gotten lost...
It was a syntax error. Now it works.
Can a request be made to make the trap sender changable w/o changing the php file?
Can I have the number of the one created a while back?

Thanks

Glad it's working, can you explain what you mean by having the trap sender configurable? I want to make sure I'm on the same page before putting in the request.

Here is the other one: