snmp traps
Posted: Mon Nov 19, 2012 1:12 pm
Hi folks.
Ok so we have started to revisit snmp traps once again.
We have gotten so far as getting traps logged in snmptt.log:
Mon Nov 19 09:54:51 2012 .1.3.6.1.4.1.2636.4.1.1 Critical "Status Events" 71conn88 - A jnxPowerSupplyFailure trap signifies that 1073741824 1073741823 1073741823 1073741823 abcdefghijklmnopqrst standby
and we get the same thing logged in snmpttunknown.log:
Mon Nov 19 09:54:51 2012: Unknown trap (.1.3.6.1.4.1.2636.4.1.0.1) received from 71conn88 at:
Value 0: 71conn88
Value 1: 69.176.191.88
Value 2: 12:16:02:39.21
Value 3: .1.3.6.1.4.1.2636.4.1.0.1
Value 4: 69.176.191.88
Value 5: chassis-trap
Value 6: .1.3.6.1.4.1.2636.4.1
Value 7:
Value 8:
Value 9:
Value 10:
Ent Value 0: .1.3.6.1.4.1.2636.3.1.8.1.1.1073741824.1073741823.1073741823.1073741823=1073741824
Ent Value 1: .1.3.6.1.4.1.2636.3.1.8.1.2.1073741824.1073741823.1073741823.1073741823=1073741823
Ent Value 2: .1.3.6.1.4.1.2636.3.1.8.1.3.1073741824.1073741823.1073741823.1073741823=1073741823
Ent Value 3: .1.3.6.1.4.1.2636.3.1.8.1.4.1073741824.1073741823.1073741823.1073741823=1073741823
Ent Value 4: .1.3.6.1.4.1.2636.3.1.8.1.6.1073741824.1073741823.1073741823.1073741823=abcdefghijklmnopqrst
Ent Value 5: .1.3.6.1.4.1.2636.3.1.13.1.6.1073741824.1073741823.1073741823.1073741823=standby
So we get a bunch of values in the first one log that don't make sense at all.
Next is that while we appear to receive traps, no alerts get sent. Now is this due to the hostname? This is
a spooftrap from one of our junipers. We have an snmp trap alert setup for the juniper which is setup as
a host and have nagios monitor all the interfaces on it.
On our old whats up server, a spooftrap would trigger an alert. So what are we missing here? We can recieve
traps, but nothing is getting triggered to alert us that we did get a trap from the host.
Thanks,
Keith
Ok so we have started to revisit snmp traps once again.
We have gotten so far as getting traps logged in snmptt.log:
Mon Nov 19 09:54:51 2012 .1.3.6.1.4.1.2636.4.1.1 Critical "Status Events" 71conn88 - A jnxPowerSupplyFailure trap signifies that 1073741824 1073741823 1073741823 1073741823 abcdefghijklmnopqrst standby
and we get the same thing logged in snmpttunknown.log:
Mon Nov 19 09:54:51 2012: Unknown trap (.1.3.6.1.4.1.2636.4.1.0.1) received from 71conn88 at:
Value 0: 71conn88
Value 1: 69.176.191.88
Value 2: 12:16:02:39.21
Value 3: .1.3.6.1.4.1.2636.4.1.0.1
Value 4: 69.176.191.88
Value 5: chassis-trap
Value 6: .1.3.6.1.4.1.2636.4.1
Value 7:
Value 8:
Value 9:
Value 10:
Ent Value 0: .1.3.6.1.4.1.2636.3.1.8.1.1.1073741824.1073741823.1073741823.1073741823=1073741824
Ent Value 1: .1.3.6.1.4.1.2636.3.1.8.1.2.1073741824.1073741823.1073741823.1073741823=1073741823
Ent Value 2: .1.3.6.1.4.1.2636.3.1.8.1.3.1073741824.1073741823.1073741823.1073741823=1073741823
Ent Value 3: .1.3.6.1.4.1.2636.3.1.8.1.4.1073741824.1073741823.1073741823.1073741823=1073741823
Ent Value 4: .1.3.6.1.4.1.2636.3.1.8.1.6.1073741824.1073741823.1073741823.1073741823=abcdefghijklmnopqrst
Ent Value 5: .1.3.6.1.4.1.2636.3.1.13.1.6.1073741824.1073741823.1073741823.1073741823=standby
So we get a bunch of values in the first one log that don't make sense at all.
Next is that while we appear to receive traps, no alerts get sent. Now is this due to the hostname? This is
a spooftrap from one of our junipers. We have an snmp trap alert setup for the juniper which is setup as
a host and have nagios monitor all the interfaces on it.
On our old whats up server, a spooftrap would trigger an alert. So what are we missing here? We can recieve
traps, but nothing is getting triggered to alert us that we did get a trap from the host.
Thanks,
Keith