SNMP traps using snmptrap.sh Sending failed

  • Andersk
    Junior Member
    • Jul 2010
    • 11

    #1

    SNMP traps using snmptrap.sh Sending failed

    Hi all!

    I'm trying to receive some traps in zabbix that I generate myself using the Network Computing Technologies, Inc. Trapsgenerator Trapgen http://www.ncomtech.com/trapgen.html

    I'm using zabbix and snmptrapd in ubuntu. All the latest stable versions. Ubuntu is running in a windows 7 virtual box.

    I generate a trap and receive it in snmptrapd. And I get this message from the snmptrapd log:
    Sending failed. Use option -vv for more detailed output.

    I'm a beginner with network monitoring and linux so I don't know if this is a problem with snmptrapd, snmptrap.sh or the host/item in zabbix. Or maybe I need a MIB file for these generated traps?

    If someone could get me on the right path I would be very happy! Thanks in advance!

    The snmptrapd log file:
    2010-07-12 09:21:37 NET-SNMP version 5.4.2.1
    Received 86 bytes from UDP: [10.0.2.15]:37143->[10.0.2.15]
    2010-07-12 09:21:37 0000: 30 54 02 01 00 04 06 70 75 62 6C 69 63 A4 47 06 0T.....public.G.
    2010-07-12 09:21:37 0016: 04 2B 00 04 05 40 04 0A 2F F7 DD 02 01 01 02 01 .+...@../.......
    2010-07-12 09:21:37 0032: 01 43 03 4A D8 3F 30 2E 30 0D 06 08 2B 00 04 05 .C.J.?0.0...+...
    2010-07-12 09:21:37 0048: 01 00 00 01 02 01 19 30 1D 06 08 2B 00 04 05 01 .......0...+....
    2010-07-12 09:21:37 0064: 00 00 01 04 11 22 54 68 69 73 20 69 73 20 6D 79 ....."This is my
    2010-07-12 09:21:37 0080: 20 74 72 61 70 22 trap"
    2010-07-12 09:21:37
    2010-07-12 09:21:37 09:21 TRAP1.1
    Sending failed. Use option -vv for more detailed output.

    My snmptrapd.conf:
    disableAuthorization yes
    printeventnumbers 1
    ignoreauthfailure no
    logoption f /home/anders/snmptrapdSamlemappe/snmptrapdLOG.log
    pidfile /home/anders/snmptrapdSamlemappe/pidfilen.pid
    ignoreauthfailure no
    traphandle default /bin/bash /home/zabbix/zabbix-1.8.2/bin/snmptrap.sh

    My snmptrap.sh:
    ZABBIX_SERVER="0.0.0.0";
    ZABBIX_PORT="10051";

    ZABBIX_SENDER="/home/zabbix/zabbix-1.8.2/src/zabbix_sender/zabbix_sender";

    KEY="snmptraps";
    HOST="snmptraps";

    My zabbix_server log:

    987:20100708:114118.953 Starting Zabbix Server. Zabbix 1.8.2 (revision 11211).
    987:20100708:114118.953 **** Enabled features ****
    987:20100708:114118.954 SNMP monitoring: YES
    987:20100708:114118.962 IPMI monitoring: NO
    987:20100708:114118.962 WEB monitoring: YES
    987:20100708:114118.962 Jabber notifications: NO
    987:20100708:114118.962 ODBC: NO
    987:20100708:114118.963 SSH2 support: NO
    987:20100708:114118.963 IPv6 support: NO
    987:20100708:114118.963 **************************
    987:20100708:114119.033 [Z3001] Connection to database 'zabbix' failed: [1045] Access denied for user 'root'@'localhost' (using password: NO)

    I've created a host and an item in zabbix. See attached image.
    Attached Files
    Last edited by Andersk; 12-07-2010, 10:06.
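
What the 86-byte packet in the snmptrapd log above carries, as an added example (not code from the thread, Zabbix or Net-SNMP): a small BER decoder for SNMPv1 Trap-PDUs run over the hex columns of that dump. It shows the community string and agent address in clear text, and that the first varbind arrives as a real INTEGER before the handler flattens everything into one string; the field names in the result are my own.

```python
# Hex columns copied from the snmptrapd log in post #1 (86 bytes, SNMPv1 over UDP).
TRAP_HEX = """
30 54 02 01 00 04 06 70 75 62 6C 69 63 A4 47 06
04 2B 00 04 05 40 04 0A 2F F7 DD 02 01 01 02 01
01 43 03 4A D8 3F 30 2E 30 0D 06 08 2B 00 04 05
01 00 00 01 02 01 19 30 1D 06 08 2B 00 04 05 01
00 00 01 04 11 22 54 68 69 73 20 69 73 20 6D 79
20 74 72 61 70 22
"""

def read_tlv(buf, pos):  # -> (tag, value bytes, next position)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("element runs past the end of the buffer")
    return tag, buf[pos:pos + length], pos + length

def children(buf):  # yield (tag, value) for each element inside a constructed value
    pos = 0
    while pos < len(buf):
        tag, value, pos = read_tlv(buf, pos)
        yield tag, value

def decode_oid(raw):
    arcs, acc = [raw[0] // 40, raw[0] % 40], 0  # first byte packs the first two arcs
    for b in raw[1:]:  # base-128 digits; a clear high bit ends the arc
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, acc = arcs + [acc], 0
    return ".".join(map(str, arcs))

def decode_value(tag, raw):
    if tag in (0x02, 0x41, 0x42, 0x43):  # INTEGER (signed), Counter32, Gauge32, TimeTicks
        return int.from_bytes(raw, "big", signed=(tag == 0x02))
    if tag == 0x06:                      # OBJECT IDENTIFIER
        return decode_oid(raw)
    if tag == 0x40:                      # IpAddress
        return ".".join(map(str, raw))
    return raw.decode("latin-1") if tag == 0x04 else raw.hex()  # OCTET STRING, else hex

def decode_v1_trap(packet):
    _, message, _ = read_tlv(packet, 0)
    version, community, (pdu_tag, pdu) = children(message)
    if pdu_tag != 0xA4:
        raise ValueError("not an SNMPv1 Trap-PDU")
    *header, (_, varbind_list) = children(pdu)
    names = "version community enterprise agent_addr generic specific timestamp".split()
    trap = {n: decode_value(*f) for n, f in zip(names, [version, community] + header)}
    trap["varbinds"] = [tuple(decode_value(*p) for p in children(vb)) for _, vb in children(varbind_list)]
    return trap

print(decode_v1_trap(bytes.fromhex("".join(TRAP_HEX.split()))))
```
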
  • MrKen
    Senior Member
    • Oct 2008
    • 652

    #2
    Hi,

    A couple of things:
    1. Sending failed. Use option -vv for more detailed output. Is an error message from Zabbix_sender, so in your snmptrap.sh you can add -vv to the zabbix_sender command for a little bit more (obscure) info.
    $ZABBIX_SENDER -vv -z $ZABBIX_SERVER -p $ZABBIX_PORT -s $HOST -k $KEY -o "$str"

    2. In snmptrap.sh where it says ZABBIX_SERVER= You have the real IP address, don't you. Of course you do.

    3. In zabbix_server.log it says "Connection to database 'zabbix' failed". If zabbix cannot connect to the database then there is nowhere for the snmptrap to be sent to, because zabbix isn't running. You need to fix this problem first!

    MrKen
    Disclaimer: All of the above is pure speculation.

    Comment

    • Andersk
      Junior Member
      • Jul 2010
      • 11

      #3
      Thanks!

      Thanks a lot MrKen. I didn't realize that the zabbix_server was down. It works now. Now my next objective is to figure out how to get notified when the traps are received by zabbix.

      Here is another question. (A more general one, that doesn't really fit in this topic) anyway:

      The traps received in zabbix are of type character. (Because the item has to be of type character so the whole thing works. Right?) The traps that I receive are originally numbers (temperature). And these numbers become characters in zabbix. My triggers should respond to these characters like they were numbers. (as they are intended to be). But I can't make a trigger respond to an expression that is intended for an item of numeric type. Is there a way to get around this?

      Comment

      • MrKen
        Senior Member
        • Oct 2008
        • 652

        #4
        Depending on what type of devices you're monitoring, there are thousands of snmptraps that you can catch. But, you don't want to catch all of them otherwise you will go mad trying to keep up with them all. Link Up, Link Down, Link Up, Link Down, etc. . . . .

        You need to go through your MIBs and decide which traps are important to you, and create individual triggers for them.

        For example, a snippet from a Compaq mib:

        Code:
        cpqHe3FltTolPowerRedundancyLost TRAP-TYPE
                ENTERPRISE compaq
                VARIABLES  { sysName, cpqHoTrapFlags, cpqHeFltTolPowerSupplyChassis }
                DESCRIPTION
                    "The Fault Tolerant Power Supplies have lost redundancy for
                    the specified chassis."
        When I receive this trap, in Latest Data I will receive, among other things, cpqHe3FltTolPowerRedundancyLost. So my trigger is looking for that string. (Note that I am using snmptt to translate the traps. The actual OID is also a string .1.3.6.1.4.1.232.0.6032).

        My trigger for that trap is

        ({Compaq:snmptraps.str(cpqHe3FltTolPowerRedundancyLost)}=1)&({Compaq:snmptraps.nodata(30)}=0)

        but this would also work

        ({Compaq:snmptraps.str(.1.3.6.1.4.1.232.0.6032)}=1)&({Compaq:snmptraps.nodata(30)}=0)

        The last part of the trigger [nodata] is to reset the trigger from Problem back to OK.

        Hope this is of some help.
        MrKen
        Disclaimer: All of the above is pure speculation.

        Comment

        • Wonderer
          Member
          Zabbix Certified Specialist
          • May 2010
          • 53

          #5
          Do not consider this an advertisement

          http://zabbix.com/wiki/howto/monitor...a_new_solution

          Comment

          • Andersk
            Junior Member
            • Jul 2010
            • 11

            #6
            MrKen:
            That helped me understand a lot more. Thanks again! But still, in your snippet, and in my MIB file, I don't see any OID like .1.3.6.1.4.1.232.0.6032. So how do I know which trap is which when I make individual triggers? - Or how does snmptt know?

            Wonderer:
            As I'm a beginner at this, the new solution seems a bit more difficult, and I don't know if I need more functionality. But I have tried anyway, and would like to make it work to learn more. It seems like I receive traps because the item appears in the latest data section, but with no information at all. Not when it was received or anything. With this limited information, do you know what I should do? Is the key in the zabbix item supposed to be the zabbix_item name from the script?

            Comment

            • MrKen
              Senior Member
              • Oct 2008
              • 652

              #7
              Originally posted by Andersk
              So how do I know which trap is which when I make individual triggers? - Or how does snmptt know?
              Hi Andersk,

              Part of snmptt is a mib converter called snmpttconvertmib. It reads the mibs that you tell it to read and creates a file which becomes part of the snmptt.conf. Here is part of what I can see inside snmptt.conf.compaq:

              EVENT cpqHe3FltTolPowerRedundancyLost .1.3.6.1.4.1.232.0.6032 "Status Events" CRITICAL
              FORMAT Power Redundancy Lost: The Power Supplies are no longer redundant on Chassis $3.

              So, from that I can see the OID.

              On the other hand, you can just do it yourself with snmptranslate:

              [root@zabbix bin]# snmptranslate -On CPQHLTH-MIB::cpqHe3FltTolPowerRedundancyLost
              .1.3.6.1.4.1.232.0.6032

              Also, keep in mind when checking your mib files that you are only looking for TRAP-TYPE. [ cat CPQHLTH-MIB.mib | grep TRAP ] Not all mibs have traps.

              MrKen
              Disclaimer: All of the above is pure speculation.

              Comment

              • Wonderer
                Member
                Zabbix Certified Specialist
                • May 2010
                • 53

                #8
                Andersk:
                The key of the item (with any name) must be the numeric representation of the traps you are going to wait for (you must search for it in the MIB files).
                Otherwise you have to define at least one "generic" item with the same name as you define in the script's variable $ZABBIX_ITEM

                Comment

                • Andersk
                  Junior Member
                  • Jul 2010
                  • 11

                  #9
                  Finally I understood the "MIB thing". Thank you for explaining!

                  Wonderer: I was wrong. snmptrapd does not send anything to zabbix. But it does not give me any error messages. It simply does not do anything. I believe that I might have made some simple mistake in the script or something. Am I right?

                  Here is the config part of the perl script:

                  my $DEBUG = 1;
                  my $DEBUGFILE = "/tmp/zabbix_snmptrapdebug_new.log";
                  my $ZABBIX_SERVER = "127.0.0.2"; # Hostname/IP-Address of zabbix-server
                  my $ZABBIX_PORT = 10051; # Port of zabbix-server (Default: 10051)
                  my $ZABBIX_ITEM = "snmptrapsPerlItem"; # Default item name to send traps to
                  my $ZABBIX_SENDER = "/home/zabbix/zabbix-1.8.2/src/zabbix_sender/zabbix_sender"; # Path to your zabbix-sender
                  my $WILDCARD_HOST = "snmptraps"; # Hostname or IP-Adress of wildcard-host within zabbix
                  my $SEND_ALL_TO_WILDCARD = 1; # Send all traps to wildcard host
                  my $ZABBIX_DB_HOST="";
                  my $ZABBIX_DB_NAME="zabbix";
                  my $ZABBIX_DB_USER="zabbix";
                  my $ZABBIX_DB_PASS="";
                  #Name of the file containing regular expresions if matched with whole combined SNMP trap string to not send them to Zabbix
                  my $TRAPEXCLUDEFILE="/usr/local/sbin/traps_to_exclude"; #Is this necessary to make it work?
                  #Name of the file containing the ip<TAB>hostname. Just in case we receive different ip for the same hostname (multiple NICs)
                  my $ALIASFILE="/usr/local/sbin/aliasfile"; #Is this necessary to make it work?
                  my $TRIMLONGVALUES=1;

                  And my snmptrapd.conf file does point to the script under traphandle like this:
                  traphandle default perl /home/zabbix/zabbix-1.8.2/bin/zabbix_snmptraphandler.pl

                  This happens in snmptrapd:
                  Received 43 bytes from UDP: [10.0.2.15]:50569->[10.0.2.15]
                  2010-07-15 15:14:01 0000: 30 29 02 01 00 04 06 70 75 62 6C 69 63 A4 1C 06 0).....public...
                  2010-07-15 15:14:01 0016: 07 2B 06 01 04 01 96 26 40 04 0A 2F F7 DD 02 01 .+.....&@../....
                  2010-07-15 15:14:01 0032: 02 02 01 01 43 03 69 43 F3 30 00 ....C.iC.0.
                  2010-07-15 15:14:01
                  2010-07-15 15:14:01 15:14 TRAP2.1
                  - No sending.

                  Comment

                  • Wonderer
                    Member
                    Zabbix Certified Specialist
                    • May 2010
                    • 53

                    #10
                    I have found a "bug" in my perl script. I just did not test it too much with $SEND_ALL_TO_WILDCARD = 1;

                    You must add one line $item=$ZABBIX_ITEM; at position 156, so it should look like:
                    Code:
                    if ($SEND_ALL_TO_WILDCARD) {
                      $str = "($hostname, $ipaddress) ".$str;
                      $hostname=$WILDCARD_HOST;
                      $item=$ZABBIX_ITEM;
                    }
                    Anyway, as you have a DEBUG=1 enabled, you can always look into the /tmp/zabbix_snmptrapdebug_new.log file to understand the problem.

                    Comment

                    • Andersk
                      Junior Member
                      • Jul 2010
                      • 11

                      #11
                      I added the line and I get this in the log file:
                      /home/zabbix/zabbix-1.8.2/src/zabbix_sender/zabbix_sender --zabbix-server 127.0.0.1 --port 10051 --host 127.0.0.2 --key snmptrapsPerlItem --value "(sfjwindows.network.int, 10.0.2.15) , .1.3.6.1.2.1.1.3.0: 0:21:03:17.07, .1.3.6.1.6.3.1.1.4.1.0: .1.3.6.1.6.3.1.1.5.4, .1.3.6.1.4.1.2824.1.0.0.1: .1.3.6.1.4.1.2854, .1.3.6.1.6.3.18.1.3.0: 10.47.247.221, .1.3.6.1.6.3.18.1.4.0: \"public\", .1.3.6.1.6.3.1.1.4.3.0: .1.3.6.1.4.1.2854"
                      2010-07-19 09:51:42 -- 31686 --Error sending command. Output is: Info from server: "Processed 0 Failed 1 Total 1 Seconds spent 0.000075"
                      sent: 1; skipped: 0; total: 1

                      The traps that I create are supposed to have the OID 1.3.6.1.4.1.2854. And that was supposed to be the key in the zabbix item, right?

                      My Zabbix item looks like this:
                      Attached Files

                      Comment

                      • Wonderer
                        Member
                        Zabbix Certified Specialist
                        • May 2010
                        • 53

                        #12
                        You should have the default $ZABBIX_ITEM set for any cases, which in your case is "snmptrapsPerlItem". So you must create the item with the key not ".1.3.6.1.4.1.2854" but "snmptrapsPerlItem".

                        If you are using $SEND_ALL_TO_WILDCARD = 1; in the script, then no "extra" features are used, and no query to the DB for host and key lookup is done. So you can not use ".1.3.6.1.4.1.2854" keys for the $WILDCARD_HOST.
                        Better if you create several hosts with corresponding key with default $ZABBIX_ITEM, plus the key that you may receive traps from.

                        Also you first have to configure the net-snmp as described in the manual with the MIB file, and after that you should not see in the traps values like ".1.3.6.1.6.3.1.1.5.4".

                        Please, read the manual carefully. You should understand some basics of the SNMP before using this solution. Otherwise search for more simple ones.

                        Comment
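
The handler step behind MrKen's zabbix_sender command and the reply quoted in post #11, as an added example (not the snmptrap.sh or the Perl script discussed in the thread): it parses what snmptrapd writes to a traphandle program's stdin, builds the zabbix_sender call as an argument list so trap text is never re-parsed by a shell, and reads the Processed/Failed counters. The sample input is constructed and the function names are my own; the sender path, host and key are the values quoted earlier in the thread.

```python
import re
import subprocess

# Path, host and key as quoted in the thread's snmptrap.sh; adjust for your install.
ZABBIX_SENDER = "/home/zabbix/zabbix-1.8.2/src/zabbix_sender/zabbix_sender"

# Constructed sample of traphandle stdin: hostname, transport address,
# then one "OID value" line per varbind.
SAMPLE_INPUT = """trapsource.example
UDP: [10.0.2.15]:37143->[10.0.2.15]
.1.3.0.4.5.1.0.0.1 25
.1.3.0.4.5.1.0.0.1 "This is my trap"
"""

def parse_handler_input(text):
    """Return (hostname, address, [(oid, value), ...]) from traphandle stdin."""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    if len(lines) < 2:
        raise ValueError("expected hostname and address lines")
    varbinds = [tuple((l.split(None, 1) + [""])[:2]) for l in lines[2:]]
    return lines[0], lines[1], varbinds

def build_command(text, server="127.0.0.1", port=10051, host="snmptraps", key="snmptraps"):
    hostname, address, varbinds = parse_handler_input(text)
    value = f"({hostname}, {address}) " + ", ".join(f"{o}: {v}" for o, v in varbinds)
    # One list element per argument: quotes in the trap text need no escaping.
    return [ZABBIX_SENDER, "-vv", "-z", server, "-p", str(port),
            "-s", host, "-k", key, "-o", value]

def parse_reply(output):
    """Pull the counters out of 'Processed N Failed N Total N' (punctuation optional)."""
    m = re.search(r"processed:? (\d+);? failed:? (\d+);? total:? (\d+)", output, re.I)
    return dict(zip(("processed", "failed", "total"), map(int, m.groups()))) if m else None

def send(argv):
    run = subprocess.run(argv, capture_output=True, text=True)  # list argv, no shell
    reply = parse_reply(run.stdout + run.stderr)
    # A non-zero exit, no reply, or failed > 0 all mean the value was not stored.
    return run.returncode == 0 and reply is not None and reply["failed"] == 0, reply

print(build_command(SAMPLE_INPUT))  # dry run: show the argv without executing it
```

A reply with Failed above zero, as in post #11, means the server answered but did not accept the value for that host and key pair.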

                        • Andersk
                          Junior Member
                          • Jul 2010
                          • 11

                          #13
                          Thank you for the reply. I think I'll stick with the solution I have for now, but might look into this new solution at a later time. Thanks again!

                          Comment

                          • Andersk
                            Junior Member
                            • Jul 2010
                            • 11

                            #14
                            Originally posted by MrKen
                            My trigger for that trap is

                            ({Compaq:snmptraps.str(cpqHe3FltTolPowerRedundancyLost)}=1)&({Compaq:snmptraps.nodata(30)}=0)

                            but this would also work

                            ({Compaq:snmptraps.str(.1.3.6.1.4.1.232.0.6032)}=1)&({Compaq:snmptraps.nodata(30)}=0)

                            MrKen
                            Follow up question to this part, and triggers. My device (Uptime devices temperature sensor sh2) sends traps which I receive. In zabbix latest data the received traps look like this:

                            Timestamp Value
                            2010.Jul.22 10:24:23 10.47.246.21 SH2 Wrong Wrong 0

                            I made a trigger like your second suggestion with the OID directly, but it does not react to the traps. I also made triggers that are set to trigger on different parts of the value. (Like "Wrong", "SH2" and the IP) These triggers work.

                            I would like zabbix to react to the OIDs. But how do I do that when the OID is not in the "Value" section? Will the use of snmptt fix this in some way?

                            Thanks in advance!

                            Comment

                            • MrKen
                              Senior Member
                              • Oct 2008
                              • 652

                              #15
                              What you see in the Latest Data is most likely determined by the trapgen that you are using. What you see may be configurable to send more or less information, but I am not familiar with ncomtech trapgen.

                              snmptt could provide more information, if you want to go that route.



                              On the other hand, Wonderer's script may also be able to provide what you need.

                              Whatever you do, I think you would want more info in Latest Data than you are currently receiving.

                              MrKen
                              Disclaimer: All of the above is pure speculation.

                              Comment
