SNMP Traps

  • lmontalvanr
    Junior Member
    • Feb 2016
    • 21

    #1

    SNMP Traps

    Hi everyone.

    What do you recommend for collecting SNMP traps:
    - Zabbix_traps_receiver.pl
    - SNMPTT.
    - SNMPTTHANDLER.

    I have CentOS 7 on Zabbix 4.0.2.

    My Traps configuration is the following:

    /etc/snmp/snmptrapd.conf
    Code:
    traphandle default /usr/sbin/snmptthandler
    disableAuthorization yes
    authCommunity log,execute,net public

    /etc/sysconfig/snmptrapd
    Code:
    OPTIONS="-m +ALL -Ls6 -On -p /var/run/snmptrapd.pid"

    /etc/snmp/snmptt.ini
    Code:
    [General]
    snmptt_system_name = zabbix_server
    mode = standalone
    multiple_event = 1
    dns_enable = 0
    strip_domain = 0
    resolve_value_ip_addresses = 0
    net_snmp_perl_enable = 1
    net_snmp_perl_cache_enable = 1
    net_snmp_perl_best_guess = 0
    translate_log_trap_oid = 2
    translate_value_oids = 2
    translate_enterprise_oid_format = 1
    translate_trap_oid_format = 1
    translate_varname_oid_format = 1
    translate_integers = 1
    #mibs_environment = ALL
    wildcard_expansion_separator = " "
    allow_unsafe_regex = 1
    remove_backslash_from_quotes = 0
    dynamic_nodes = 0
    description_mode = 2
    description_clean = 1
    threads_enable = 0
    threads_max = 10
    date_time_format = %Y/%m/%d %Y %H:%M:%S
    
    [DaemonMode]
    daemon_fork = 1
    daemon_uid = snmptt
    pid_file = /var/run/snmptt.pid
    spool_directory = /var/spool/snmptt/
    sleep = 5
    use_trap_time = 1
    keep_unlogged_traps = 1
    duplicate_trap_window = 0
    
    [Logging]
    stdout_enable = 0
    log_enable = 1
    log_file = /tmp/zabbix_traps.log
    log_system_enable = 1
    log_system_file = /var/log/snmptt/snmpttsystem.log
    unknown_trap_log_enable = 1
    unknown_trap_log_file = /var/log/snmptt/unknown_traps.log
    statistics_interval = 0
    syslog_enable = 1
    syslog_facility = local0
    syslog_level = warning
    syslog_system_enable = 1
    syslog_system_facility = local0
    syslog_system_level = warning
    
    [Exec]
    exec_enable = 1
    pre_exec_enable = 1
    unknown_trap_exec =
    unknown_trap_exec_format = $aR [unknown] [unknown] $+*
    exec_escape = 1
    
    [Debugging]
    DEBUGGING = 2
    DEBUGGING_FILE = /var/log/snmptt/snmptt.debug
    DEBUGGING_FILE_HANDLER = /var/log/snmptt/snmptthandler.debug

    /etc/snmptt/snmptt.conf

    Code:
    EVENT linkDown .1.3.6.1.6.3.1.1.5.3 "Status Events" Normal
    FORMAT ZBXTRAP Link down on interface $1. Admin state: $2. Operational state: $3
    EXEC qpage -f TRAP notifygroup1 "Link down on interface $1. Admin state: $2. Operational state: $3"
    
    
    EVENT linkUp .1.3.6.1.6.3.1.1.5.4 "Status Events" Normal
    FORMAT ZBXTRAP Link up on interface $1. Admin state: $2. Operational state: $3
    EXEC qpage -f TRAP notifygroup1 "Link up on interface $1. Admin state: $2. Operational state: $3"
    
    
    EVENT general .* "General event" Normal
    FORMAT ZBXTRAP $aA $+*

    In the /tmp/zabbix_traps.log file it shows the following:

    Code:
    2018/12/26 2018 09:51:11 IF-MIB::linkUp Normal "Status Events" 172.16.13.249 - ZBXTRAP Link up on interface 14.  Admin state: up.  Operational state: up
    
    2018/12/26 2018 09:51:11 SNMPv2-SMI::enterprises.11.2.3.7.11.181.4.0.2 Normal "General event" 172.16.13.249 - ZBXTRAP 172.16.13.249 eventDescription.76:I 12/26/18 08:51:09 00076 ports: port 14 is now on-line

    The Zabbix GUI only shows:

    [Image: zabbix.png]

    I want to know why this does not show on the Zabbix console:

    2018/12/26 2018 09:51:11 IF-MIB::linkUp Normal "Status Events" 172.16.13.249 - ZBXTRAP Link up on interface 14. Admin state: up. Operational state: up


    The snmptt.debug shows:

    Code:
    Processing file: #snmptt-trap-1545839307549608
    Reading trap.  Current time: Wed Dec 26 10:48:31 2018
    
    Raw trap passed from snmptrapd:
    1545839307
    <UNKNOWN>
    UDP: [172.16.13.249]:161->[172.16.0.224]:162
    .1.3.6.1.2.1.1.3.0 97:18:42:19.52
    .1.3.6.1.6.3.1.1.4.1.0 .1.3.6.1.4.1.11.2.3.7.11.181.4.0.2
    .1.3.6.1.2.1.16.9.1.1.2.76 I 12/26/18 09:48:24 00076 ports: port 14 is now on-line
    .1.3.6.1.6.3.18.1.3.0 172.16.13.249
    .1.3.6.1.6.3.18.1.4.0 "public"
    .1.3.6.1.6.3.1.1.4.3.0 .1.3.6.1.4.1.11.2.3.7.11.181.4
    
    Items passed from snmptrapd:
    value 0: 172.16.13.249
    
    value 1: 172.16.13.249
    
    value 2: .1.3.6.1.2.1.1.3.0
    
    value 3: 97:18:42:19.52
    
    value 4: .1.3.6.1.6.3.1.1.4.1.0
    
    value 5: .1.3.6.1.4.1.11.2.3.7.11.181.4.0.2
    
    value 6: .1.3.6.1.2.1.16.9.1.1.2.76
    
    value 7: I 12/26/18 09:48:24 00076 ports: port 14 is now on-line
    
    value 8: .1.3.6.1.6.3.18.1.3.0
    
    value 9: 172.16.13.249
    
    value 10: .1.3.6.1.6.3.18.1.4.0
    
    value 11: public
    
    value 12: .1.3.6.1.6.3.1.1.4.3.0
    
    value 13: .1.3.6.1.4.1.11.2.3.7.11.181.4
    
    Agent IP address (172.16.13.249) is the same as the host IP, so copying the host name: 172.16.13.249
    
    Trap received from 172.16.13.249: .1.3.6.1.4.1.11.2.3.7.11.181.4.0.2
    0:        hostname
    1:        ip address
    2:        uptime
    3:        trapname / OID
    4:        ip address from trap agent
    5:        trap community string
    6:        enterprise
    7:        securityEngineID        (snmptthandler-embedded required)
    8:        securityName            (snmptthandler-embedded required)
    9:        contextEngineID         (snmptthandler-embedded required)
    10:        contextName             (snmptthandler-embedded required)
    0+:        passed variables
    
    Value 0: 172.16.13.249
    
    Value 1: 172.16.13.249
    
    Value 2: 97:18:42:19.52
    
    Value 3: .1.3.6.1.4.1.11.2.3.7.11.181.4.0.2
    
    Value 4: 172.16.13.249
    
    Value 5: public
    
    Value 6: .1.3.6.1.4.1.11.2.3.7.11.181.4
    
    Value 7:
    
    Value 8:
    
    Value 9:
    
    Value 10:
    
    Agent dns name: 172.16.13.249
    
    Ent Value 0 ($1): .1.3.6.1.2.1.16.9.1.1.2.76=I 12/26/18 09:48:24 00076 ports: port 14 is now on-line
    
    Exact match of trap NOT found in EVENT hash table
    
    Looking for wildcards in the EVENT hash table
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.6.1.4.1.11.2.3.7.11.181.4.0.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.6.1.4.1.11.2.3.7.11.181.4.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.6.1.4.1.11.2.3.7.11.181.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.6.1.4.1.11.2.3.7.11.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.6.1.4.1.11.2.3.7.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.6.1.4.1.11.2.3.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.6.1.4.1.11.2.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.6.1.4.1.11.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.6.1.4.1.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.6.1.4.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.6.1.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.6.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.3.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .1.*
    
    Drilling down looking for wildcards in the EVENT hash table
    .*
    
    
    
    Trap not defined...

    I hope you can help me.
    Last edited by lmontalvanr; 26-12-2018, 17:53.
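
An added example, not part of the original post: Zabbix's documented trap file format is `[timestamp] [trap, part 1] ZBXTRAP [address] [trap, part 2]`, and the token after `ZBXTRAP` is compared with the hosts' SNMP interface addresses. The check below applies that rule to the post's own log lines and FORMAT statements; the function names and the interface set passed in are assumptions.

```python
# Copied from the post: its two zabbix_traps.log lines and two of its EVENT blocks.
LOG_LINES = [
    '2018/12/26 2018 09:51:11 IF-MIB::linkUp Normal "Status Events" 172.16.13.249'
    ' - ZBXTRAP Link up on interface 14.  Admin state: up.  Operational state: up',
    '2018/12/26 2018 09:51:11 SNMPv2-SMI::enterprises.11.2.3.7.11.181.4.0.2 Normal'
    ' "General event" 172.16.13.249 - ZBXTRAP 172.16.13.249 eventDescription.76:I'
    ' 12/26/18 08:51:09 00076 ports: port 14 is now on-line',
]
CONF = """\
EVENT linkUp .1.3.6.1.6.3.1.1.5.4 "Status Events" Normal
FORMAT ZBXTRAP Link up on interface $1. Admin state: $2. Operational state: $3
EVENT general .* "General event" Normal
FORMAT ZBXTRAP $aA $+*
"""
ADDRESS_VARS = {"$aA", "$aR"}  # SNMPTT address substitutions seen in the post

def token_after_zbxtrap(text):
    """Return the whitespace-delimited token that follows ZBXTRAP, or None."""
    _, marker, rest = text.partition("ZBXTRAP")
    parts = rest.split()
    return parts[0] if marker and parts else None

def check_log(lines, interfaces):
    """Label each line by whether its ZBXTRAP address is a known SNMP interface."""
    results = []
    for line in lines:
        addr = token_after_zbxtrap(line)
        if addr is None:
            status = "no-marker"
        else:
            status = "matched" if addr in interfaces else "unmatched"
        results.append((status, addr))
    return results

def check_formats(conf):
    """Return EVENT names whose FORMAT lacks an address right after ZBXTRAP."""
    bad, event = [], None
    for line in conf.splitlines():
        fields = line.split()
        if fields[:1] == ["EVENT"]:
            event = fields[1]
        elif fields[:1] == ["FORMAT"] and token_after_zbxtrap(line) not in ADDRESS_VARS:
            bad.append(event)
    return bad

if __name__ == "__main__":
    print(check_log(LOG_LINES, {"172.16.13.249"}))  # interface set is an assumption
    print(check_formats(CONF))
```
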