Overview
This KB article explains how to configure Nagios XI to receive SNMP traps from Nagios Network Analyzer (NNA).
It is assumed that Nagios XI is already configured to receive SNMP traps, if it is not please follow the steps in this documentation:
Documentation - How to Integrate SNMP Traps With Nagios XI
Nagios XI - Configure Traps
To receive the traps from NNA you need to import the traps definitions into the /etc/snmp/snmptt.conf file using this command:
/usr/local/bin/addmib /usr/share/snmp/mibs/NAGIOS-NOTIFY-MIB.txt
Next you will update the trap EXEC line and replace "$s" with "$3" to allow the correct numeric service state to be passed through to Nagios XI.
Edit the /etc/snmp/snmptt.conf file using the vi text editor:
vi /etc/snmp/snmptt.conf
When using the vi editor, to make changes press i on the keyboard first to enter insert mode. Press Esc to exit insert mode.
Find the following EVENT line:
EVENT nSvcEvent .1.3.6.1.4.1.20006.1.7 "Status Events" Normal
In the EXEC line change "$s" to "$3" as per:
From:
EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "$-*" "The SNMP trap that is generated as a result of an event requiring $*"
To:
EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$3" "$@" "$-*" "The SNMP trap that is generated as a result of an event requiring $*"
The change should look like:
EVENT nSvcEvent .1.3.6.1.4.1.20006.1.7 "Status Events" Normal
FORMAT The SNMP trap that is generated as a result of an event with the service $*
EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$3" "$@" "$-*" "The SNMP trap that is generated as a result of an event with the service $*"
SDESC
The SNMP trap that is generated as a result of an event with the service
in Nagios.
Variables:
1: nHostname
2: nHostStateID
3: nSvcDesc
4: nSvcStateID
5: nSvcAttempt
6: nSvcDurationSec
7: nSvcGroupName
8: nSvcLastCheck
9: nSvcLastChange
10: nSvcOutput
EDESC
When you have finished, save the changes in vi by typing :wq and pressing Enter.
Now restart the snmptt service:
service snmptt restart
The file /usr/local/bin/snmptraphandling.py also needs to be updated to allow numeric states.
Edit the /usr/local/bin/snmptraphandling.py file using the vi text editor:
vi /usr/local/bin/snmptraphandling.py
Find this section:
def get_return_code(severity):
severity = severity.upper()
if severity == "INFORMATIONAL":
return_code = "0"
elif severity == "NORMAL":
return_code = "0"
elif severity == "SEVERE":
return_code = "2"
elif severity == "MAJOR":
return_code = "2"
elif severity == "CRITICAL":
return_code = "2"
elif severity == "WARNING":
return_code = "1"
elif severity == "MINOR":
return_code = "1"
else:
printusage()
return return_code
Change it to:
def get_return_code(severity):
severity = severity.upper()
if severity == "INFORMATIONAL":
return_code = "0"
elif severity == "NORMAL":
return_code = "0"
elif severity == "0":
return_code = "0"
elif severity == "SEVERE":
return_code = "2"
elif severity == "MAJOR":
return_code = "2"
elif severity == "CRITICAL":
return_code = "2"
elif severity == "2":
return_code = "2"
elif severity == "WARNING":
return_code = "1"
elif severity == "MINOR":
return_code = "1"
elif severity == "1":
return_code = "1"
elif severity == "3":
return_code = "3"
else:
printusage()
return return_code
You can see these lines were added:
elif severity == "0":
return_code = "0"
elif severity == "2":
return_code = "2"
elif severity == "1":
return_code = "1"
elif severity == "3":
return_code = "3"
When you have finished, save the changes in vi by typing :wq and pressing Enter.
NNA - Define SNMP Receivers
Before you can define an alert to be sent via SNMP we need to define an SNMP receiver to sent the traps to.
Login to NNA and navigate to the Alerting menu.
Click the SNMP Receivers tab
Click the New SNMP Receiver button
Name: XI Server
IP Address: IP Address of Nagios XI server
Port: 162
SNMP Version: 2c
Community String: public
By default Nagios XI does not require a community string for SNMP v2c traps
Click the Finish & Save button
Nagios NA - Create Alert Check
Now you need to define a check that will trigger an SNMP Trap to be sent to Nagios XI. In this example it will send an SNMP Trap if the source port has no data. This might seem like a strange check to create however for the purposes of testing and demonstrating this allows us to make it work almost instantly.
Login to NNA and navigate to the Alerting menu.
Click the Checks tab
Click the New Check button
Name: Source Has Data
Source & View: Select the Source and View (if required) to run the check against
Click the Step Two button
Analyze traffic for: Bytes
Warning threshold is: :0
Critical threshold is: :0
Where The: Source Port is 5050
Click the Step Three button
Click the SNMP Traps tab
Select XI Server from the list
Click the Finish & Save button
Nagios XI - Check Logs & Unconfigured Objects
Now that you have created the check in NNA, within five minutes a SNMP trap will be received by the Nagios XI server. This can be observed by watching the snmptt.log file in an ssh session:
tail -f /var/log/snmptt/snmptt.log
The trap will be logged similar to the following:
Wed Oct 19 16:55:04 2016 .1.3.6.1.4.1.20006.1.7 Normal "Status Events" na-c6x-x64 - The SNMP trap that is generated as a result of an event with the service NagiosNA NA_Source_1 3 bytes on NA_Source_1 with filter 'src port 5050' is 0 | bytes=0;:0;:0;0
When the trap is received by Nagios XI it will be an unconfigured object first.
Log into your Nagios XI web interface.
Navigate to Admin > Monitoring Config > Unconfigured Objects
You'll see the NNA host in the list with the SNMP Traps service.
To add it as a service:
Click the check box next to the host
Next to With Selected click the gear icon (Configure)
The Unconfigured Passive Object wizard will start
Step through the wizard and make any changes required
Once the Wizard is finished there will now be a host and service object created
Within five minutes of adding the SNMP Traps service you will see it update with the data from the received trap.
Final Thoughts
For any support related questions please visit the Nagios Support Forums at: