Working on implementing traps with 5.4. I might be getting ahead of myself but I would like to understand the system fully. I have been sending test traps. I was able to get snmptrapd and snmptt log my traps. But for some reason my test traps do not pass to zabbix. I have tried a few configuration in snmptt.conf and snmp.ini but I am missing something.
to define some network devices:
10.0.0.33 < Linux test server
10.0.0.44 < Device B sending traps
10.0.0.99 < Zabbix proxy
(dates might be off, as I coppied and formated but did not fix dates)
From a linux server 10.0.0.33 I can do:
snmptrap -v 1 -c public 10.0.0.99 '.1.3.6.1.6.3.1.1.5.3' '0.0.0.0' 6 33 '55' .1.3.6.1.6.3.1.1.5.3 s "teststring000"
I can see it in snmptt.log
23:03:18 2024/07/03 .1.3.6.1.6.3.1.1.5.1 Normal "CustomEvent" host-10-0-0-33.ourdomain.net - ZBXTRAP 10.0.0.33 10.0.0.33
But I can not see anything in zabbix_proxy.log
However I can see another different Trap that one of our devices and it gets passed for some reason
snmptt.log
20:17:38 2024/07/30 .1.3.6.1.4.1.6302.2.1.5.1 Normal "CustomEvent" 10.0.0.44 - ZBXTRAP 10.0.0.44 10.0.0.44
zabbix_proxy.log
3887488:20240724:174132.650 unmatched trap received from "10.0.0.44": 17:41:30 2024/07/24 .1.3.6.1.4.1.6302.2.1.5.1 Normal "CustomEvent" 10.0.0.44 - 10.0.0.44
I understand that unmatched trap is an issue in itself and I might need to work through that. But I dont want to just wait for traps that may or may not happen to work on zabbix
In snmptt.conf I commented out all the other stuff as I did not think I needed it. I figured that zabbix would handle the OIDs. So all it has is:
The only thing I wonder is that the host name before ZBXTRAP. I tried some config changes with snmptt.ini but I could not get anything to strip that from the snmptt log.
I set the zabbix debug level to 5 and ran some tests, but I am not sure why it cant parse the trap from 10.0.0.33 that gets logged to snmptt.log
to define some network devices:
10.0.0.33 < Linux test server
10.0.0.44 < Device B sending traps
10.0.0.99 < Zabbix proxy
(dates might be off, as I coppied and formated but did not fix dates)
From a linux server 10.0.0.33 I can do:
snmptrap -v 1 -c public 10.0.0.99 '.1.3.6.1.6.3.1.1.5.3' '0.0.0.0' 6 33 '55' .1.3.6.1.6.3.1.1.5.3 s "teststring000"
I can see it in snmptt.log
23:03:18 2024/07/03 .1.3.6.1.6.3.1.1.5.1 Normal "CustomEvent" host-10-0-0-33.ourdomain.net - ZBXTRAP 10.0.0.33 10.0.0.33
But I can not see anything in zabbix_proxy.log
However I can see another different Trap that one of our devices and it gets passed for some reason
snmptt.log
20:17:38 2024/07/30 .1.3.6.1.4.1.6302.2.1.5.1 Normal "CustomEvent" 10.0.0.44 - ZBXTRAP 10.0.0.44 10.0.0.44
zabbix_proxy.log
3887488:20240724:174132.650 unmatched trap received from "10.0.0.44": 17:41:30 2024/07/24 .1.3.6.1.4.1.6302.2.1.5.1 Normal "CustomEvent" 10.0.0.44 - 10.0.0.44
I understand that unmatched trap is an issue in itself and I might need to work through that. But I dont want to just wait for traps that may or may not happen to work on zabbix
In snmptt.conf I commented out all the other stuff as I did not think I needed it. I figured that zabbix would handle the OIDs. So all it has is:
Code:
EVENT general .* "CustomEvent" Normal FORMAT ZBXTRAP $aA $ar
I set the zabbix debug level to 5 and ran some tests, but I am not sure why it cant parse the trap from 10.0.0.33 that gets logged to snmptt.log