Dear,
I have a scenario and I need your help. I am creating a monitoring that will receive SNMP TRAPS and will send a HTTP POST with several values to a WEB server, this WEB server has the function of consolidating events.
It turns out that I'm having some formatting problems in the received values, see if they can help me;
Below I have the format of how the TRAP arrives;
06/07/2019 06:15:25 PM
18:15:23 2019/06/07 PDU INFO:
TRAP notificationtype
version 0
receivedfrom UDP: [127.0.0.1]: 30468 -> [127.0.0.1]: 162
errorstatus 0
messageid 0
community public
transactionid 23690
errorindex 0
requestid 0
VARBINDS:
DISMAN-EVENT-MIB :: sysUpTimeInstance type = 67 value = Timeticks: (55) 0: 00: 00.55
SNMPv2-MIB :: snmpTrapOID.0 type = 6 value = OID: IF-MIB :: linkUp.0.33
IF-MIB :: linkUp type = 4 value = STRING: "eth0"
SNMP-COMMUNITY-MIB :: snmpTrapCommunity.0 type = 4 value = STRING: "public"
SNMPv2-MIB :: snmpTrapEnterprise.0 type = 6 value = OID: IF-MIB :: linkUp
Through actions and media I will send the values in the pattern below;
{"name_trigger": "{TRIGGER.NAME}",
"id_trigger": "{TRIGGER.ID}",
"zabbix_source": "ZBX_HOM_01",
"event_start": "{EVENT.DATE} {EVENT.TIME}",
"item_value": "{ITEM.LASTVALUE}",
"nm_host": "{HOST.HOST}",
"ip_host": "{HOST.IP}",
"application": "{$ HOS_APLICACAO}",
"application_function": "{$ HOS_APLICACAO_FUNCAO}",
"severity": "{TRIGGER.SEVERITY}",
"id_zabbix": "{EVENT.ID}",
"event_status": "{EVENT.STATUS}",
"event_zabbix": "{EVENT.VALUE}",
"event_age": "{EVENT.AGE}"}
This works very well for all types of items (keys) that I have already used, but for SNMP TRAPs is not good, this is because the TRAPS arrive with the broken lines as in the example below;
{"name_trigger": "SNMP TRAP TRIGGER",
"id_trigger": "25332",
"zabbix_source": "ZBX_HOM_01",
"event_start": "2019.06.07 18:15:25",
"item_value": "18:15:23 2019/06/07 PDU INFO:
TRAP notificationtype
version 0
receivedfrom UDP: [127.0.0.1]: 30468 -> [127.0.0.1]: 162
errorstatus 0
messageid 0
community public
transactionid 23690
errorindex 0
requestid 0
VARBINDS:
DISMAN-EVENT-MIB :: sysUpTimeInstance type = 67 value = Timeticks: (55) 0: 00: 00.55
SNMPv2-MIB :: snmpTrapOID.0 type = 6 value = OID: IF-MIB :: linkUp.0.33
IF-MIB :: linkUp type = 4 value = STRING: "eth0"
SNMP-COMMUNITY-MIB :: snmpTrapCommunity.0 type = 4 value = STRING: "public"
SNMPv2-MIB :: snmpTrapEnterprise.0 type = 6 value = OID: IF-MIB :: linkUp ",
"nm_host": "Zabbix server",
"ip_host": "127.0.0.1",
"application": "{$ HOS_APP}",
"application_function": "{$ HOS_APP_FUN}",
"severity": "high",
"id_zabbix": "10417911",
"event_status": "PROBLEM",
"event_zabbix": "1",
"event_age": "0m"}
Can you tell me if there is any way I can break line breaks only from the value received by the {ITEM.LASTVALUE} macro to get all the value received on the same line? Do you have a method (via preprocessing) to handle these line breaks? To be clearer, I'd like you to stay on the way down;
{"name_trigger": "SNMP TRAP TRIGGER",
"id_trigger": "25332",
"zabbix_source": "ZBX_HOM_01",
"event_start": "2019.06.07 18:15:25",
"item_value": "18:15:23 2019/06/07 PDU INFO: notificationtype TRAP version 0 receivedfrom UDP: [127.0.0.1]: 30468 -> [127.0.0.1]: 162 errorstatus 0 messageid 0 community public transactionid 23690 errorindex 0 mb :: snmpTrapOID.0 type = 6 value = OID: IF-MIB :: linkUp.0.33 VARBINDS: DISMAN EVENT-MIB :: sysUpTimeInstance type = 67 value = Timeticks: (55) 0: 00: 00.55 SNMPv2-MIB :: snmpTrapOID.0 SNMP-MIB :: snmpTrapCommunity.0 type = 4 value = STRING: "public" SNMPv2-MIB :: snmpTrapEnterprise.0 type = 4 value = OID : IF-MIB :: linkUp",
"nm_host": "Zabbix server",
"ip_host": "127.0.0.1",
"application": "{$ HOS_APP}",
"application_function": "{$ HOS_APP_FUN}",
"severity": "high",
"id_zabbix": "10417911",
"event_status": "PROBLEM",
"event_zabbix": "1",
"event_age": "0m"}
Sorry for translation errors
Regards,
I have a scenario and I need your help. I am creating a monitoring that will receive SNMP TRAPS and will send a HTTP POST with several values to a WEB server, this WEB server has the function of consolidating events.
It turns out that I'm having some formatting problems in the received values, see if they can help me;
Below I have the format of how the TRAP arrives;
06/07/2019 06:15:25 PM
18:15:23 2019/06/07 PDU INFO:
TRAP notificationtype
version 0
receivedfrom UDP: [127.0.0.1]: 30468 -> [127.0.0.1]: 162
errorstatus 0
messageid 0
community public
transactionid 23690
errorindex 0
requestid 0
VARBINDS:
DISMAN-EVENT-MIB :: sysUpTimeInstance type = 67 value = Timeticks: (55) 0: 00: 00.55
SNMPv2-MIB :: snmpTrapOID.0 type = 6 value = OID: IF-MIB :: linkUp.0.33
IF-MIB :: linkUp type = 4 value = STRING: "eth0"
SNMP-COMMUNITY-MIB :: snmpTrapCommunity.0 type = 4 value = STRING: "public"
SNMPv2-MIB :: snmpTrapEnterprise.0 type = 6 value = OID: IF-MIB :: linkUp
Through actions and media I will send the values in the pattern below;
{"name_trigger": "{TRIGGER.NAME}",
"id_trigger": "{TRIGGER.ID}",
"zabbix_source": "ZBX_HOM_01",
"event_start": "{EVENT.DATE} {EVENT.TIME}",
"item_value": "{ITEM.LASTVALUE}",
"nm_host": "{HOST.HOST}",
"ip_host": "{HOST.IP}",
"application": "{$ HOS_APLICACAO}",
"application_function": "{$ HOS_APLICACAO_FUNCAO}",
"severity": "{TRIGGER.SEVERITY}",
"id_zabbix": "{EVENT.ID}",
"event_status": "{EVENT.STATUS}",
"event_zabbix": "{EVENT.VALUE}",
"event_age": "{EVENT.AGE}"}
This works very well for all types of items (keys) that I have already used, but for SNMP TRAPs is not good, this is because the TRAPS arrive with the broken lines as in the example below;
{"name_trigger": "SNMP TRAP TRIGGER",
"id_trigger": "25332",
"zabbix_source": "ZBX_HOM_01",
"event_start": "2019.06.07 18:15:25",
"item_value": "18:15:23 2019/06/07 PDU INFO:
TRAP notificationtype
version 0
receivedfrom UDP: [127.0.0.1]: 30468 -> [127.0.0.1]: 162
errorstatus 0
messageid 0
community public
transactionid 23690
errorindex 0
requestid 0
VARBINDS:
DISMAN-EVENT-MIB :: sysUpTimeInstance type = 67 value = Timeticks: (55) 0: 00: 00.55
SNMPv2-MIB :: snmpTrapOID.0 type = 6 value = OID: IF-MIB :: linkUp.0.33
IF-MIB :: linkUp type = 4 value = STRING: "eth0"
SNMP-COMMUNITY-MIB :: snmpTrapCommunity.0 type = 4 value = STRING: "public"
SNMPv2-MIB :: snmpTrapEnterprise.0 type = 6 value = OID: IF-MIB :: linkUp ",
"nm_host": "Zabbix server",
"ip_host": "127.0.0.1",
"application": "{$ HOS_APP}",
"application_function": "{$ HOS_APP_FUN}",
"severity": "high",
"id_zabbix": "10417911",
"event_status": "PROBLEM",
"event_zabbix": "1",
"event_age": "0m"}
Can you tell me if there is any way I can break line breaks only from the value received by the {ITEM.LASTVALUE} macro to get all the value received on the same line? Do you have a method (via preprocessing) to handle these line breaks? To be clearer, I'd like you to stay on the way down;
{"name_trigger": "SNMP TRAP TRIGGER",
"id_trigger": "25332",
"zabbix_source": "ZBX_HOM_01",
"event_start": "2019.06.07 18:15:25",
"item_value": "18:15:23 2019/06/07 PDU INFO: notificationtype TRAP version 0 receivedfrom UDP: [127.0.0.1]: 30468 -> [127.0.0.1]: 162 errorstatus 0 messageid 0 community public transactionid 23690 errorindex 0 mb :: snmpTrapOID.0 type = 6 value = OID: IF-MIB :: linkUp.0.33 VARBINDS: DISMAN EVENT-MIB :: sysUpTimeInstance type = 67 value = Timeticks: (55) 0: 00: 00.55 SNMPv2-MIB :: snmpTrapOID.0 SNMP-MIB :: snmpTrapCommunity.0 type = 4 value = STRING: "public" SNMPv2-MIB :: snmpTrapEnterprise.0 type = 4 value = OID : IF-MIB :: linkUp",
"nm_host": "Zabbix server",
"ip_host": "127.0.0.1",
"application": "{$ HOS_APP}",
"application_function": "{$ HOS_APP_FUN}",
"severity": "high",
"id_zabbix": "10417911",
"event_status": "PROBLEM",
"event_zabbix": "1",
"event_age": "0m"}
Sorry for translation errors
Regards,