SNMP TRAP Integration

Information and discussions relating to the NSTI (Nagios SNMP Trap Interface) addon.

SNMP TRAP Integration

Postby floki » Mon Jan 07, 2019 4:37 am

Hi guys,

Been following this guide:
https://askaralikhan.blogspot.com/2010/ ... 7129021900

Was able to have the execute and have the following result:
Image

However, I'm wondering why I don't get variables on some of MIBs that I converted, see the photo below:
Image

I also can't see any files in /var/spool/snmptt but I'm receiving logs in /var/log/snmptt
Currently testing it with another Centos Server that I enabled to send traps:
<Client Server>/etc/snmp/snmpd.conf:
Code: Select all
trap2sink 172.16.16.26 public
###############################################################################
#
# snmpd.conf:
#   An example configuration file for configuring the ucd-snmp snmpd agent.
#
###############################################################################
#
# This file is intended to only be as a starting point.  Many more
# configuration directives exist than are mentioned in this file.  For
# full details, see the snmpd.conf(5) manual page.
#
# All lines beginning with a '#' are comments and are intended for you
# to read.  All other lines are configuration commands for the agent.



I just put the 'trap2sink' config on to top then start snmpd service. Is that okay?

I'm new to SNMP trap so please guide me. I can also give the nagios core cfgs as well as the snmp conf files since these is just in testing environment. Thanks a lot!
floki
 
Posts: 65
Joined: Tue Dec 18, 2018 5:23 am

Re: SNMP TRAP Integration

Postby floki » Mon Jan 07, 2019 4:39 am

floki
 
Posts: 65
Joined: Tue Dec 18, 2018 5:23 am

Re: SNMP TRAP Integration

Postby tgriep » Mon Jan 07, 2019 3:29 pm

When the snmptt daemon runs, it checks the /var/spool/snmptt folder for new traps and if it finds one, it processes the trap and removes the file from the spool folder when it is done so that is why that folder is empty.


I am guessing you are talking about the missing EXEC entries in the snmptt.conf file, correct?
If so, the default snmptt.conf file that comes with the snmptt package, do not have the EXEC line defined it them.
You can manually add them if you want by copying one from another trap entry and update the text in the string.

Adding the trap2sink option to the snmpd.conf file is OK but it looks like it will only send coldStart traps and authentication failure traps if it is enabled in the file.
See this link for more details.
http://www.net-snmp.org/tutorial/tutorial-5/commands/snmptrap.html
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Be sure to check out our Knowledgebase for helpful articles and solutions!
User avatar
tgriep
Madmin
 
Posts: 8204
Joined: Thu Oct 30, 2014 9:02 am

Re: SNMP TRAP Integration

Postby floki » Mon Jan 07, 2019 11:22 pm

Thanks for reply!

Gone through the tutorial, and got some questions hehe

1. How can centos 7 send snmp traps simultaneously? not just coldstart, I mean memory, cpu..etc.? because I want to simulate a Client sending SNMP trap simultaneously then a Nagios Server will Monitor them

2. Is there any configuration I need to change in submit_check_result? or this is just fine?
Code: Select all
#!/bin/bash

# SUBMIT_CHECK_RESULT
# Written by Ethan Galstad (egalstad@nagios.org)
# Last Modified: 02-18-2002
#
# This script will write a command to the Nagios command
# file to cause Nagios to process a passive service check
# result.  Note: This script is intended to be run on the
# same host that is running Nagios.  If you want to
# submit passive check results from a remote machine, look
# at using the nsca addon.
#
# Arguments:
#  $1 = host_name (Short name of host that the service is
#       associated with)
#  $2 = svc_description (Description of the service)
#  $3 = return_code (An integer that determines the state
#       of the service check, 0=OK, 1=WARNING, 2=CRITICAL,
#       3=UNKNOWN).
#  $4 = plugin_output (A text string that should be used
#       as the plugin output for the service check)
#

echocmd="/bin/echo"

# modified path according to installation
CommandFile="/var/spool/nagios/cmd/nagios.cmd"

# get the current date/time in seconds since UNIX epoch
datetime=`date +%s`

# create the command line to add to the command file
cmdline="[$datetime] PROCESS_SERVICE_CHECK_RESULT;$1;$2;$3;$4"

# append the command to the end of the command file
`$echocmd $cmdline >> $CommandFile`

Thanks a lot!
floki
 
Posts: 65
Joined: Tue Dec 18, 2018 5:23 am

Re: SNMP TRAP Integration

Postby tgriep » Tue Jan 08, 2019 11:16 am

1. If you want to send SNMP trap from the Centos7 server to the Nagios server with memory, cpu information, you would have to find some sort of application that you run in the server that will send that information.
One option is to setup another Nagios Core server that run tests itself and then sends the test results to your main Nagios Core server using SNMP Traps.
http://askaralikhan.blogspot.com/2010/02/sending-snmp-traps-from-nagios.html
It will get you something you can use for testing.

Else, you can just send traps from the command line using the snmptrap command.
http://net-snmp.sourceforge.net/wiki/index.php/TUT:snmptrap


2. The submit_check_result script you posted is the default script and is should work for you.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Be sure to check out our Knowledgebase for helpful articles and solutions!
User avatar
tgriep
Madmin
 
Posts: 8204
Joined: Thu Oct 30, 2014 9:02 am

Re: SNMP TRAP Integration

Postby floki » Wed Jan 09, 2019 4:41 am

Thanks for your help! Was able to implement the snmp trap alerts smoothly with Nagios Core. Now the only remaining task is to know which trap is useful to monitor. Do you have some guides on how to choose SNMP traps out of the device's MIB? like for example CISCO ASA or SAN storage? I'm using MIB browser by iReasoning but it's still hard for me to determine which I should monitor :D
floki
 
Posts: 65
Joined: Tue Dec 18, 2018 5:23 am

Re: SNMP TRAP Integration

Postby tgriep » Wed Jan 09, 2019 3:02 pm

Typically, you would add all on the Trap entries to the snmptt daemon's config file to receive all of them from the remote devices.
Then, it you don't want some, you can remove the entries from the snmptt.conf file.

I don't know of a list or Traps to choose from but you could search the manufacturers site for any details or your favorite internet search site.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Be sure to check out our Knowledgebase for helpful articles and solutions!
User avatar
tgriep
Madmin
 
Posts: 8204
Joined: Thu Oct 30, 2014 9:02 am

Re: SNMP TRAP Integration

Postby floki » Wed Jan 09, 2019 9:08 pm

Alright! Thanks a lot, I guess the real hard part is to determine which snmp trap to use. Thanks for all help we can now close this topic :D
floki
 
Posts: 65
Joined: Tue Dec 18, 2018 5:23 am

Re: SNMP TRAP Integration

Postby tgriep » Thu May 30, 2019 2:49 pm

This site has instructions for integrating SNMP Traps into Nagios Core.
https://askaralikhan.blogspot.com/2010/12/receiving-snmp-traps-in-nagios.html

The instructions are for a Centos system but it should use the same config settings except for installing the Net-SNMP and the snmptt packages, you would use apt to install them.

Take a look at it and if you have any questions, post them here.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Be sure to check out our Knowledgebase for helpful articles and solutions!
User avatar
tgriep
Madmin
 
Posts: 8204
Joined: Thu Oct 30, 2014 9:02 am


Return to Nagios SNMP Trap Interface

Who is online

Users browsing this forum: No registered users and 2 guests