I'm on 6.0.x not 6.4.x so my interface may be a little different (the web interface has evolved a bunch in the past few years).

If you're seeing the trap data show up in "Data Collection" (that area is the "Configuration" menu in 6.0), then the data is making it past the point that a lot of people run into trouble: the script that bridges the snmpd trap receiver and Zabbix itself.

You expect that some of the test TRAP values should cause one or more triggers to fire. After some value that should be a problem is received, do you ever see anything appear in Monitoring->Problems or on any of the Dashboards that you believe would display it? If the data is getting in but it's never causing a trigger to generate a problem event, the issue is most likely with your triggers (or possibly the host, but I would focus on triggers first).

Have you configured an snmptrap.fallback ?

Can you show the host configuration for "local_test" (I only care about the "Host" tab, not IPMI/Tags/Inventory/etc.)?

Can you show the item configuration for "LinkUp test"? I only care about the main "Item" tab, not the Tags/Preprocessing tabs.​

you even display here the value.... and then you create a trigger that compares value to 0... but your value is not 0, its a whole lot more of text ...
that example 5 you link here is done with an item, that actually has values 1 or 0... You cannot just transfer this to text type values...

As far as anything from Monitoring > Problem, nothing shows up there. I just see the trap information in the logs. I am convinced my issue is with the Trigger configuration, just unsure of the expression configuration from the documentation to make incoming traps appear on Dashboards.

And this is my confusion as to configuring the expression in the trigger based on the documentation. What would be the proper regex to just display the trap text as a problem in Dashboard? The intent of my ISP is to come off Spectrum and attempting to use Zabbix as its Proof of Concept to trap forwarding.

this is what this item returns as a text:
your trigger is very simple - "if ITEM equals = 0" but in this case it compares IF item value is: 20240129.154651 UDP: [76.96.233.59]:59560->[96.113.92.122]:162 DISMAN-EVENT-MIB::sysUpTimeInstance = 406285255SNMPv2-MIB::snmpTrapOID.0 = IF-MIB::linkUp.0 - which is FALSE

it doesn't equal 0 .. but the whole string. Trigger fires when the condition is TRUE and in this case - it isn't.

for snmp trap see regex:
https://www.zabbix.com/documentation...types/snmptrap

you need to:
1)apply regex to snmp trap trigger that will produce TRUE event in the trigger value
OR
2) apply regex/ snmp preprocessing etc.. (or different preprocessing for ITEM SNMP trapper that receive values to indicate whenever it up or down
(or both)

preprocessing:
https://www.zabbix.com/documentation.../preprocessing

Simply put:
the example you took example from documentation is viable for numeric or boolean-like types of data. While SNMP traps are handled as string(text) type of data. Normal approach for SNMP is to instruct Zabbix to look for specific piece(s) of text indicative with issue or resolution of such.

If I'm not mistaken the MIB you trying to use is Cisco related IF-MIB. If I read the MIB correctly, they have seperate traps for interface going UP or DOWN. I would go with uniting them into single item to have easier time automating alert raising and closing. You can do such with item key similar to The basic trigger expression in such case would be something like:
Recovery expression:
With such approach your trigger should rise alert if linkDown message received and close if linkUp is received.



This has a downside that you could have multiple interface and no matter how many of them goes down, as soon as one recovers - problem would be resolved. To mitigate it such you could go further with following approach:
switch the trigger into "PROBLEM event generation mode​" - Multiple
set the "OK event closes​" - if tag matches
set "Tag for matching" - "ifIndex"
switch to Tags in trigger and add a tag like Name: "ifIndex", Value: "{{ITEM.VALUE1}.regsub("IF-MIB::ifIndex type=4 value=INTEGER: (.*)",\1)}"


MInd you, this was written mostly from memory and brief look at IF-MIB file, I did not test all written here today so some mistakes might(very likely) be present in the written above

Well... you do not need recovery here, as trigger expression will turn to false anyway, when "linkup" arrives..

Traps are a bit PIA (Pain In "backside") to deal with (like logfile items also). A lot of items can be created with a lot of triggers and then people want them also to close in time, but sometimes there is just no OK trap etc etc.. I have here a case with some Avaya stuff... damn MIB contains 1700 OID-s...:/ yea, not all of them are traps etc.. but still trying to deal with such amount is kind of not encouraging...

Huuh, somehow it totally escaped my mind that recovery expression can be omitted in this case... oh well

And yeah, I agree that SNMP can be a pain to deal with, especially if there is no ready template you are happy with. Tho based on what I worked with so fat, I would say Cisco is on easier side of things ( and never had to deal with Avaya thankfully )