Hello
If someone has a working setup where nagios receives snmp traps, I would really like to see some example config. provide snmptrapd.conf etc.
Hello
If someone has a working setup where nagios receives snmp traps, I would really like to see some example config. provide snmptrapd.conf etc.
This is the installation tutorial that works:
snmptt.sourceforge.net/docs/snmp … n-Overview
I have set it up as explained and installed nagtrap (which gives you web frontend in Nagios web GUI that prints all traps recorded in database).
Nagtrap:
nagtrap.org/dokuwiki/doku.ph … stallation
The main thing you should do is properly configure snmptt to receive traps you wish to accept and then with the EXEC variable in snmptt.conf file you can run a script that would process the Passive check result to nagios,
done through submit_check_result. You have to define some passive services for traps in nagios which would accept passive results from a script.
example of snmptt.conf file (in which you defined which traps should be recorded in database and processed and which not, everything is very well explained in the link I’ve provided above for the snmptt):
EVENT event_name event_OID "category" severity
FORMAT $2 - $1 - $X $x
EXEC /usr/local/nagios/libexec/eventhandlers/submit_check_result $R 'service_description' 2 "$2"
NODES x.x.x.x
MATCH MODE=and
MATCH $2: (needed string)
MATCH $1: !(forbidden_string)
That way, any trap that comes and is filtered through **snmptt.conf **rules, will send a submit_check_result to nagios.
Original *submit_check_result *must have arguments like this:
in the upper example i have provided:
$R for the $HOSTNAME$ as it is described in:
snmptt.sourceforge.net/docs/snmp … ONF-FORMAT
’service_description’ for the '$SERVICEDESC$'
you can extract part of the $1 variable binding from trap as service description and provide the same extracted part as service_description variable in nagios service definition
2 for the $SERVICESTATE$
This can be 0, 1, 2 or 3 dependently on how you consider the trap output. As Warning state, Critical, Ok or Unknown
$2 for the ‘$OUTPUT$’
Those $1, $2, $3 and so on in the snmptt.conf file are the trap variable bindings. Check the traps you’re receiving and use them as you wish. In this link those are explained as $n:
snmptt.sourceforge.net/docs/snmp … ONF-FORMAT
submit_check_result script should look like this:
[code]#!/bin/sh
echocmd="/bin/echo"
CommandFile="/path/to/rw/nagios.cmd"
datetime=date +%s
cmdline="$datetime] PROCESS_SERVICE_CHECK_RESULT;$1;$2;$3;$4"
$echocmd $cmdline >> $CommandFile
[/code]
Quite a resort. I have installed all the needes programs, but I feel I am so far from getting it to work. This is a big project for me to do…
Yeah, it is, but once you get it working you’ll se the benefit.
Okay, now I got it working. Few problems are: If service is active_check disabled, it seems I cannot “force check” it, to clear the trap. So I use active_check enabled and then can clear the trap. What about host names, could I make an alias ni nagios that HOST and host would mean the same? What is nagtrap used for? It seems that it is only part that is not working, but I can get important traps and notifications sent using nagios and that was my main goal
The main question remaining is, how to set up nagvis and see the nagvis webpage? I have read the documentation and installation instruction but still there is only blank page I am seeing.
As i am having quite some problems configuring nagios to work with traps i’ll try to post a few steps to start with…
I’m runnning nagios (compiled from source) on Debian.
You’ll need snmptrapd (it’s part of snmpd), snmptt and obviously nagios.
configure /etc/default/snmpd to run snmptrapd with the -On option and restrat snmpd
these are the two lines i needed to change:
TRAPDRUN=yes
TRAPDOPTS='-On -Lsd -p /var/run/snmptrapd.pid'
for testing i created two MIB definition files as shown here:
net-snmp.org/wiki/index.php/ … MIv1_Traps
if you installed snmptt you should also have snmpttmibtranslate, run it against all mib files you have:
cd /usr/share/mibs/netsnmp
for i in *; do snmpttconvertmib --in=$i --out=/etc/snmp/snmpttconf/all.conf; done
this translates the mib file sand puts them in the out file.
modify /etc/snmp/snmptt.ini to use that last file…
snmptt_conf_files = <<END
/etc/snmp/snmpttconf/all.conf
END
restart snmptt
Now you can modify snmptt.ini to use DEBUG, set the debug file too…
remeber to restart snmptt
If you cretaed the two MIB files above you should now be able to send a trap with:
snmptrap -v 2c -c public 10.10.10.10 "" NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 123456
change community and receiving host IP address to meet your needs and you should see the trap managed by snmptt in the debug file.
If all worked up to here we now need to modify the all.conf file so that snmptt does something with the trap, we want it to be sent to nagios.
first we modify the trap we are intersted in (in this case the demo notification) so that it calls an eventhandler (which will write the info in the nagios.cmd file)
search the right trap in all.conf and add an EXEC line:
EVENT netSnmpExampleHeartbeatNotification .1.3.6.1.4.1.8072.2.3.0.1 "Status Events" Normal
FORMAT An example notification, used to illustrate the $*
EXEC /usr/local/nagios/libexec/eventhandlers/submit_check_result localhost testtrap 1 "test trap recevied"
don’t touch the SDESC part…
we are telling snmptt to run the submit_check_result script with some parameters. theorically we should use $r as hostname, but that gives us the FQDN on localhost and that’s not what we wnat right now.
now we need the script itself:
create the eventhandlers directory if you don’t already have it and then
vi /usr/local/nagios/libexec/eventhandlers/submit_check_result
#!/bin/bash
data=`date +%s`
echo ""$data"] PROCESS_SERVICE_CHECK_RESULT;$1;$2;$3;$4" >> /usr/local/nagios/var/rw/nagios.cmd
now create a passive check named traptest for the localhost in nagios, restart nagios and snmptt and you should get the trap in nagios (it will be a warning having an exit code of 1.
Add the user snmptt to the nagcmd group
usermod -a -G nagcmd snmptt
or the submit_check-result script run by user snmptt won’t be able to write in the nagios command file
In the EXEC command od all.cpnf we used localhost, to use the correct hostname you need to associate the IP address of the trap generator to the hostname you use in nagios in the /etc/hosts file and change the EXEC lines:
To receive Link Down and up traps i used the following:
EXEC /usr/local/nagios/libexec/eventhandlers/submit_check_result $r "IF-MIB Trap
s" 1 "Link Change: $* state changed to Down"
on the host i defined a service called “IF-MIB Traps” and this is what i get:
hostname IF-MIB Traps OK 05-04-2011 12:11:15 0d 0h 5m 57s 1/1 Link Change: 16 state changed to Up
I hope i didn’t miss any important passages in writing this down… let me know if you have problems
First and foremost; to the contributors of this post, this was a great extension to the official documentation. I have followed the documentation and the write-ups here and still have 1 problem. The traps being filtered from SNMPTT to Nagios are not showing up in the GUI. I see the traps being fed in by the event scheduler:
You can catch them going to nagios.cmd:
more /usr/local/nagios/var/rw/nagios.cmd
[1361991698] PROCESS_SERVICE_CHECK_RESULT;asr9k-ag04-1;TRAP;1;A linkUp trap signifies that the SNMP entity, acting in an 8 tunnel-ip11001 tunnel up
I have the service define for nagios:
###############################################################################
###############################################################################
#
# HOST DEFINITIONS
#
###############################################################################
###############################################################################
# Define the switch that we'll be monitoring
define host{
use generic-switch ; Inherit default values from a template
host_name asr9k-ag04-1 ; The name we're giving to this switch
alias asr9k-ag04-1 ; A longer name associated with the switch
address 10.122.81.69 ; IP address of the switch
hostgroups switches ; Host groups this switch is associated with
}
###############################################################################
###############################################################################
#
# HOST GROUP DEFINITIONS
#
###############################################################################
###############################################################################
# Create a new hostgroup for switches
define hostgroup{
hostgroup_name switches ; The name of the hostgroup
alias Network Switches ; Long name of the group
}
###############################################################################
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
###############################################################################
# Create a service to PING to switch
define service{
name ping ; Name of service
use generic-service ; Inherit values from a template
service_description ping ; The service description
check_command check_ping!200.0,20%!600.0,60% ; The command used to monitor the service
normal_check_interval 5 ; Check the service every 5 minutes under normal conditions
retry_check_interval 1 ; Re-check the service every minute until its final/hard state is determined
}
# Monitor uptime via SNMP
#define service{
# use generic-service ; Inherit values from a template
# service_description Uptime
# check_command check_snmp!-C public -o sysUpTime.0
# }
# Monitor Port 1 status via SNMP
#define service{
# use generic-service ; Inherit values from a template
# service_description Port 1 Link Status
# check_command check_snmp!-C public -o ifOperStatus.1 -r 1 -m RFC1213-MIB
# }
###############################
#Trap services
###############################
define service{
name TRAP
use generic-service
register 0
service_description TRAP
is_volatile 1
check_command check-host-alive
flap_detection_enabled 0
process_perf_data 0
max_check_attempts 1
normal_check_interval 1
retry_check_interval 1
passive_checks_enabled 1
check_period 24x7
notification_interval 31536000
active_checks_enabled 0
notification_options w,u,c
}
###############################################################################
###############################################################################
#
# ASSOCIATE SERVICE DEFINITIONS
#
###############################################################################
###############################################################################
define service{
host_name asr9k-ag04-1 ; hostname is define /etc/hosts file
use ping ; ping / alive service
}
define service{
host_name asr9k-ag04-1 ; hostname is define /etc/hosts file
use TRAP ; ping / alive service
}
There has to be something I missed with the initial setup… Any help with be much appreciate.
Nagios® Core™ 3.3.1
Figured out the problem … i had an old installation of nagios before I upgraded that used a different spooling path.
/var/spool/nagios/nagios.cmd is the default path 3.3.1