Nagios Support Forum

Posted: **Wed May 15, 2019 7:04 am**

Hello we are facing issues with SNMP Traps configured from the wizard:

We have setup traps to be sent from linux and network devices

Here is the output of snmptt log:

Code: Select all

 tail -F /var/log/snmptt/snmptt.log

Wed May 15 14:42:32 2019 .1.3.6.1.4.1.11.2.3.7.11.154.0.2 Normal "Status Events" ********* - An SNMP trap that is generated for an RMON event on a J9728A 2920-48G Switch. W 09/27/90 15:55:56 03362 auth: User 'manager' login from *********
Wed May 15 14:42:33 2019 .1.3.6.1.4.1.11.2.3.7.11.154.0.2 Normal "Status Events" ********* - An SNMP trap that is generated for an RMON event on a J9728A 2920-48G Switch. I 09/27/90 15:55:57 00179 mgr: SME SSH from ********* - MANAGER Mode
Wed May 15 14:43:07 2019 .1.3.6.1.4.1.11.2.3.7.11.154.0.2 Normal "Status Events" ********* - An SNMP trap that is generated for an RMON event on a J9728A 2920-48G Switch. W 05/13/90 02:30:48 03362 auth: User 'manager' login from *********
Wed May 15 14:43:08 2019 .1.3.6.1.4.1.11.2.3.7.11.154.0.2 Normal "Status Events" ********* - An SNMP trap that is generated for an RMON event on a J9728A 2920-48G Switch. I 05/13/90 02:30:49 00179 mgr: SME SSH from ********* - MANAGER Mode

And the output of tcpdump:

Code: Select all

tcpdump port 162 -i any
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
14:59:41.215371 IP ********.snmp > nagios.flexopack.com.snmptrap:  C="********" Trap(169)  E:hp.2.3.7.11.154 ******** enterpriseSpecific s=2 1141483598 16.9.1.1.2.236=57_20_30_35_2f_31_33_2f_39_30_20_30_32_3a_34_37_3a_32_32_20_30_30_32_33_36_20_73_6e_6d_70_3a_20_53_4e_4d_50_20_53_65_63_75_72_69_74_79_20_61_63_63_65_73_73_20_76_69_6f_6c_61_74_69_6f_6e_20_66_72_6f_6d_20_31_39_32_2e_36_38_2e_37_2e_31_33_0a_20_20_20_20_20_20_20_20_20_20_20_20_28_39_20_74_69_6d_65_73_20_69_6e_20_36_30_20_73_65_63_6f_6e_64_73_29
15:00:14.121832 IP ********.snmp > nagios.flexopack.com.snmptrap:  C="********" Trap(132)  E:hp.2.3.7.11.154 ******** enterpriseSpecific s=2 2330001188 16.9.1.1.2.236="W 09/27/90 16:13:38 00236 snmp: SNMP Security access violation from ********"

The security access violation is from another NMS.

I tested with this command and the corresponding trap on localhost works fine:
snmptrap -v 2c -c asdfafs localhost '' 1.3.6.1.4.1.8072.2.3.0.1 1.3.6.1.4.1.8072.2.3.2.1 i 2000

I have completed the step of configuring through Admin->Unconfigured Objects

Posted: **Wed May 15, 2019 3:56 pm**

Are you seeing an error somewhere in XI?

tail the nagios.log while you send the trap:

tail -f /usr/local/nagios/var/nagios.log

Posted: **Thu May 16, 2019 3:27 am**

No errors pop up there, I even cat/greped and there don't seem to be any

One specific host/service :

Code: Select all

CURRENT SERVICE STATE: PL_Prod48P_SW;SNMP Traps;OK;HARD;1;OK: TRAP RESET

Posted: **Thu May 16, 2019 2:06 pm**

What issues are you seeing exactly? Are dashboards not showing correct information?

Please PM me a profile from Admin > System Config > System Profile, and a copy of the /etc/snmp/ directory.

Posted: **Mon May 20, 2019 3:49 am**

The issue is that in service view the traps never get displayed/updated it's always showing "OK - Trap Reset"

I PMed you the files

Posted: **Mon May 20, 2019 2:50 pm**

The profile didn't come through. How large is it? We may need to open a ticket or have you upload it somewhere to get it. I believe the size limit on PMs is 5MB.

Also, I don't see any handler configured for these OIDs:

.1.3.6.1.4.1.11.2.3.7.11.154.0.2
hp.2.3.7.11.154

See https://assets.nagios.com/downloads/nag ... h-NXTI.pdf for setting up traps with NXTI - a handler is specified with an EXEC command like the one on page 4.

Also, try running the snmptrap command from a remote machine:

Code: Select all

snmptrap -v 2c -c public xi_ip '' 1.3.6.1.4.1.8072.2.3.0.1 1.3.6.1.4.1.8072.2.3.2.1 i 2000

Does it update the status page? There does appear to be a handler configured for this OID.

Posted: **Wed May 22, 2019 4:01 am**

cdienger wrote:
Also, try running the snmptrap command from a remote machine:
Code: Select all
snmptrap -v 2c -c public xi_ip '' 1.3.6.1.4.1.8072.2.3.0.1 1.3.6.1.4.1.8072.2.3.2.1 i 2000
Does it update the status page? There does appear to be a handler configured for this OID.

Yes this trap works. What I need is a generic Trap Service that could be able to receive any trap and display it. The point is the trap definnitions on the machines to be monitored are endless and it would cost a lot to add oids one by one. The plan is 1 trap per host.

I PMed you the profile file again its less than 5MB

Posted: **Wed May 22, 2019 3:58 pm**

You'll want to use a wildcard character in in the trap definition to catch all OIDs after a certain level. The screenshot attached would send all traps to "CatchAll" if the OID starts with .1.3.6.

Nagios Support Forum

SNMP Traps not working

SNMP Traps not working

Re: SNMP Traps not working

Re: SNMP Traps not working

Re: SNMP Traps not working

Re: SNMP Traps not working

Re: SNMP Traps not working

Re: SNMP Traps not working

Re: SNMP Traps not working