Home » Categories » Multiple Categories

Nagios XI - Receiving SNMP Traps From Nagios Network Analyzer

Overview

This KB article explains how to configure Nagios XI to receive SNMP traps from Nagios Network Analyzer (NNA).

It is assumed that Nagios XI is already configured to receive SNMP traps, if it is not please follow the steps in this documentation:

Documentation - How to Integrate SNMP Traps With Nagios XI

 

 

Nagios XI - Configure Traps

To receive the traps from NNA you need to import the traps definitions into the /etc/snmp/snmptt.conf file using this command:

/usr/local/bin/addmib /usr/share/snmp/mibs/NAGIOS-NOTIFY-MIB.txt

 

Next you will update the trap EXEC line and replace "$s" with "$3" to allow the correct numeric service state to be passed through to Nagios XI.

Edit the /etc/snmp/snmptt.conf file using the vi text editor:

vi /etc/snmp/snmptt.conf

 

When using the vi editor, to make changes press i on the keyboard first to enter insert mode. Press Esc to exit insert mode.

 

Find the following EVENT line:

EVENT nSvcEvent .1.3.6.1.4.1.20006.1.7 "Status Events" Normal

 

In the EXEC line change "$s" to "$3" as per:

From:

EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "$-*" "The SNMP trap that is generated as a result of an event requiring $*"

To:

EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$3" "$@" "$-*" "The SNMP trap that is generated as a result of an event requiring $*"

 

The change should look like:

EVENT nSvcEvent .1.3.6.1.4.1.20006.1.7 "Status Events" Normal
FORMAT The SNMP trap that is generated as a result of an event with the service $*
EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$3" "$@" "$-*" "The SNMP trap that is generated as a result of an event with the service $*"
SDESC
The SNMP trap that is generated as a result of an event with the service
in Nagios.
Variables:
  1: nHostname
  2: nHostStateID
  3: nSvcDesc
  4: nSvcStateID
  5: nSvcAttempt
  6: nSvcDurationSec
  7: nSvcGroupName
  8: nSvcLastCheck
  9: nSvcLastChange
  10: nSvcOutput
EDESC

 

When you have finished, save the changes in vi by typing :wq and pressing Enter.

 

Now restart the snmptt service:

service snmptt restart

 

The file /usr/local/bin/snmptraphandling.py also needs to be updated to allow numeric states.

Edit the /usr/local/bin/snmptraphandling.py file using the vi text editor:

vi /usr/local/bin/snmptraphandling.py

 

Find this section:

def get_return_code(severity):
        severity = severity.upper()
        if severity == "INFORMATIONAL":
                return_code = "0"
        elif severity == "NORMAL":
                return_code = "0"
        elif severity == "SEVERE":
                return_code = "2"
        elif severity == "MAJOR":
                return_code = "2"
        elif severity == "CRITICAL":
                return_code = "2"
        elif severity == "WARNING":
                return_code = "1"
        elif severity == "MINOR":
                return_code = "1"
        else:
                printusage()
        return return_code

 

Change it to:

def get_return_code(severity):
        severity = severity.upper()
        if severity == "INFORMATIONAL":
                return_code = "0"
        elif severity == "NORMAL":
                return_code = "0"
        elif severity == "0":
                return_code = "0"
        elif severity == "SEVERE":
                return_code = "2"
        elif severity == "MAJOR":
                return_code = "2"
        elif severity == "CRITICAL":
                return_code = "2"
        elif severity == "2":
                return_code = "2"
        elif severity == "WARNING":
                return_code = "1"
        elif severity == "MINOR":
                return_code = "1"
        elif severity == "1":
                return_code = "1"
        elif severity == "3":
                return_code = "3"

        else:
                printusage()
        return return_code

 

You can see these lines were added:

        elif severity == "0":
                return_code = "0"
        elif severity == "2":
                return_code = "2"
        elif severity == "1":
                return_code = "1"
        elif severity == "3":
                return_code = "3"

 

When you have finished, save the changes in vi by typing :wq and pressing Enter.

 

 

NNA - Define SNMP Receivers

Before you can define an alert to be sent via SNMP we need to define an SNMP receiver to sent the traps to.

Login to NNA and navigate to the Alerting menu.

Click the SNMP Receivers tab

Click the New SNMP Receiver button

Name: XI Server

IP Address: IP Address of Nagios XI server

Port: 162

SNMP Version: 2c

Community String: public

By default Nagios XI does not require a community string for SNMP v2c traps

Click the Finish & Save button

 

 

Nagios NA - Create Alert Check

Now you need to define a check that will trigger an SNMP Trap to be sent to Nagios XI. In this example it will send an SNMP Trap if the source port has no data. This might seem like a strange check to create however for the purposes of testing and demonstrating this allows us to make it work almost instantly.

Login to NNA and navigate to the Alerting menu.

Click the Checks tab

Click the New Check button

Name: Source Has Data

Source & View: Select the Source and View (if required) to run the check against

Click the Step Two button

Analyze traffic for: Bytes

Warning threshold is: :0

Critical threshold is: :0

Where The: Source Port is 5050

Click the Step Three button

Click the SNMP Traps tab

Select XI Server from the list

Click the Finish & Save button

 

 

Nagios XI - Check Logs & Unconfigured Objects

Now that you have created the check in NNA, within five minutes a SNMP trap will be received by the Nagios XI server. This can be observed by watching the snmptt.log file in an ssh session:

tail -f /var/log/snmptt/snmptt.log

 

The trap will be logged similar to the following:

Wed Oct 19 16:55:04 2016 .1.3.6.1.4.1.20006.1.7 Normal "Status Events" na-c6x-x64 - The SNMP trap that is generated as a result of an event with the service NagiosNA NA_Source_1 3 bytes on NA_Source_1 with filter 'src port 5050' is 0 | bytes=0;:0;:0;0

 

When the trap is received by Nagios XI it will be an unconfigured object first.

Log into your Nagios XI web interface.

Navigate to Admin > Monitoring Config > Unconfigured Objects

You'll see the NNA host in the list with the SNMP Traps service.

To add it as a service:

Click the check box next to the host

Next to With Selected click the gear icon (Configure)

The Unconfigured Passive Object wizard will start

Step through the wizard and make any changes required

Once the Wizard is finished there will now be a host and service object created

 

Within five minutes of adding the SNMP Traps service you will see it update with the data from the received trap.

 

 

 

Final Thoughts

For any support related questions please visit the Nagios Support Forums at:

http://support.nagios.com/forum/

0 (0)
Article Rating (No Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
Nagios XI - Integrating On-Call Schedules with Nagios - NWC13
Viewed 631 times since Tue, Feb 9, 2016
Nagios XI - Installing The AIX Agent
Viewed 1051 times since Wed, Jan 27, 2016
Nagios XI - Understanding Email Sending
Viewed 1159 times since Tue, May 2, 2017
Nagios XI - Adding Services To Pre-existing Switch or Router
Viewed 1014 times since Wed, Jan 27, 2016
Nagios XI - Sending SNMP Traps
Viewed 799 times since Thu, Jan 28, 2016
Nagios XI - High Availability and Failover Solutions for Nagios XI - NWC14
Viewed 819 times since Thu, Feb 4, 2016
Nagios XI - Using Nagios XI As A Security Tool - Software Versions
Viewed 429 times since Wed, Jul 19, 2017
Nagios XI - Enabling Memcached Support
Viewed 540 times since Wed, Jan 27, 2016
Nagios XI - Group Deployment of Service Checks - NWC15
Viewed 648 times since Mon, Feb 8, 2016
Nagios XI - Understanding the Nagios XI Directory Structure
Viewed 723 times since Thu, Jan 28, 2016