How to pass SNMP Trap information to Email

Posted: Mon Mar 04, 2019 4:04 am
by vlakshman
Hey Guys,

1) I have configured the SNMP Agent (snmpd) on the sender and SNMP Trap (snmptrapd) on the receiver, which is on the same server Nagios is running on.
2) I have also configured NSTI to display and view traps, which is working fine.

Questions:

1) I see some 5 traps get delivered on every SNMP Authentication Failure. Is there a way to restrict it to only 1 trap per failure?
2) I would also like to send mail on receiving an SNMP trap. I have added a traphandle in snmptrapd.conf and mails are also getting triggered upon trap reception. I would like to know how to pass the trap information into this email.

#traphandle default /usr/bin/mail /usr/bin/printf "%b" "Nagios Environment: Test\n\nType: Trap Alert\n\n" | mail -s "**Nagios Environment: Test Type: Trap Alert Agent Address: %A Agent Hostname: %B **" -r "FROM_ADDRESS" RECIPIENT_ADDRESS
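
On question 2, snmptrapd hands a traphandle program the trap on standard input: the sender's hostname on the first line, the transport address on the second, then one "OID value" line per varbind. The following is an added example, not part of the original posts, of a handler that parses that input and builds the mail without a shell, treating every trap field as untrusted. The script path in `traphandle default /usr/local/bin/trap2mail.py`, the two mail addresses and the sendmail path are assumptions.

```python
#!/usr/bin/env python3
import subprocess
import sys
from email.message import EmailMessage

MAIL_FROM = "nagios@example.com"  # placeholder sender (assumption)
MAIL_TO = "admin@example.com"     # placeholder recipient (assumption)
SENDMAIL = "/usr/sbin/sendmail"   # assumed path of the local MTA

# Constructed sample of what snmptrapd writes to the handler's stdin.
SAMPLE = """router1.example.com
UDP: [192.0.2.10]:161->[192.0.2.1]:162
DISMAN-EVENT-MIB::sysUpTimeInstance 0:1:02:03.04
SNMPv2-MIB::snmpTrapOID.0 SNMPv2-MIB::authenticationFailure
"""

def clean(text, limit=200):
    """Trap fields are sender-controlled: drop control characters, cap length."""
    return "".join(c for c in text if c.isprintable())[:limit]

def parse_trap(text):
    """Line 1: hostname, line 2: transport address, rest: 'OID value' varbinds."""
    lines = [ln for ln in text.split("\n") if ln.strip()]
    host = clean(lines[0]) if lines else "unknown"
    addr = clean(lines[1]) if len(lines) > 1 else "unknown"
    varbinds = []
    for ln in lines[2:]:
        oid, _, value = ln.partition(" ")
        varbinds.append((clean(oid), clean(value, 1000)))
    return host, addr, varbinds

def build_message(host, addr, varbinds):
    """Build the mail in-process, so no trap text ever reaches a shell."""
    msg = EmailMessage()
    msg["From"], msg["To"] = MAIL_FROM, MAIL_TO
    msg["Subject"] = f"Nagios Environment: Test Type: Trap Alert Agent Hostname: {host}"
    body = ["Nagios Environment: Test", "", "Type: Trap Alert", "",
            f"Agent Hostname: {host}", f"Agent Address: {addr}", ""]
    body += [f"{oid} = {value}" for oid, value in varbinds]
    msg.set_content("\n".join(body) + "\n")
    return msg

if __name__ == "__main__":
    raw = sys.stdin.buffer.read().decode("utf-8", "replace")
    message = build_message(*parse_trap(raw))
    # Argument list, not a shell string; -t takes recipients from the headers.
    subprocess.run([SENDMAIL, "-t", "-i"], input=message.as_bytes(), check=True)
```

Because SNMPv1/v2c traps are unauthenticated, the hostname and varbind values can contain anything the sender chooses, which is why they are stripped of control characters before they reach a mail header.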

Re: How to pass SNMP Trap information to Email

Posted: Mon Mar 04, 2019 4:06 pm
by ssax
Are the five auth traps coming from the device (see option 1) or is it one auth trap and then nagios submits it five times (see option 2)?

1. You should be able to adjust these settings in your /etc/snmp/snmptt.ini:

# How often duplicate traps will be processed.  An MD5 hash of all incoming traps
# is stored in memory and is used to check for duplicates.  All variables except for
# the uptime variable are used when calculating the MD5.  The larger this variable,
# the more memory snmptt will require.
# Note:  In most cases it may be a good idea to enable this but sometimes it can have a
#        negative effect.  For example, if you are trying to troubleshoot a wireless device
#        that keeps losing it's connection you may want to disable this so that you see
#        all the associations and disassociations.
# 5 minutes = 300
# 10 minutes = 600
# 15 minutes = 900
duplicate_trap_window = 0

Or even this:

*** NOTE: This could also be that you have that trap definition defined five times in your /etc/snmp/snmptt.conf file
- You could either remove the others or change the option below to 0

# Set to 1 to allow multiple trap definitions to be executed for the same trap.
# Set to 0 to have it stop after the first match.
# This option should normally be set to 1.  See the section 'SNMPTT.CONF Configuration
# file Notes' in the SNMPTT documentation for more information.
# Note: Wildcard matches are only matched if there are NO exact matches.  This takes
#       into consideration the NODES list.  Therefore, if there is a matching trap, but
#       the NODES list prevents it from being considered a match, the wildcard entry will
#       only be used if there are no other exact matches.
multiple_event = 1

Don't forget to restart SNMPTT:

service snmptt restart