Hi there
Maybe it's not most appropriate place for this problem.
But still as I'm trying to configure zabbix snmp traps with snmptt I'll post it here as well. And maybe someone here already straggled with such problem.
I'm configuring zabbix with snmptt via embeded handler.
Problem is that SNMPTT see all traps as unknown:
Here is output from snmpttunknown.log
Syslog output:
SNMPTT debug output:
/var/spool/snmptt
So as I can see whole chain of processing before snmptt working just fine:
snmptapd -> snmptthandler-embedded -> /var/spool files for SNMPTT processing
snmptrapd conf:
snmptt.ini
snmptt.conf
test traps:
Maybe it's not most appropriate place for this problem.
But still as I'm trying to configure zabbix snmp traps with snmptt I'll post it here as well. And maybe someone here already straggled with such problem.
I'm configuring zabbix with snmptt via embeded handler.
Problem is that SNMPTT see all traps as unknown:
Here is output from snmpttunknown.log
Code:
12:24:33 2014/12/19: Unknown trap ((null)) received from localhost at: Value 0: localhost Value 1: 127.0.0.1 Value 2: (null) Value 3: (null) Value 4: 127.0.0.1 Value 5: public Value 6: .1.3.6.1.6.3.1.1.5.2 Value 7: 0x57e6b6e6f677e6 Value 8: unknown Value 9: 0x57e6b6e6f677e6 Value 10: unknown Ent Value 0: .1.3.6.1.2.1.1.3.0=(119520463) 13 days, 20:00:04.63 Ent Value 1: .1.3.6.1.6.3.1.1.4.1.0=SNMPv2-MIB::coldStart Ent Value 2: .1.3.6.1.4.1=hello
Code:
Dec 19 12:24:33 zabbix1 snmptrapd[11008]: 2014-12-19 12:24:33 0.0.0.0(via UDP: [127.0.0.1]:44625->[127.0.0.1]) TRAP, SNMP v1, community public#012#011SNMPv2-MIB::warmStart Cold Start Trap (0) Uptime: 13 days, 19:25:15.48#012#011SNMPv2-SMI::enterprises = STRING: "hello"
Code:
SNMPTTHANDLER-EMBEDDED started: Fri Dec 19 15:49:25 2014 s = 1418989765, usec = 633919 s_pad = 1418989765, usec_pad = 633919 Data received: 127.0.0.1 127.0.0.1 .1.3.6.1.6.3.18.1.4.0 public DISMAN-EVENT-MIB::sysUpTimeInstance (120540790) 13 days, 22:50:07.90 SNMPv2-MIB::snmpTrapOID.0 SNMPv2-MIB::coldStart SNMPv2-SMI::enterprises "hello" SNMP-COMMUNITY-MIB::snmpTrapCommunity.0 "public" SNMPv2-MIB::snmpTrapEnterprise.0 SNMPv2-MIB::warmStart .1.3.6.1.6.3.10.2.1.1.0 "0x57e6b6e6f677e6" .1.3.6.1.6.3.18.1.1.1.3 "unknown" .1.3.6.1.6.3.18.1.1.1.4 "0x57e6b6e6f677e6" .1.3.6.1.6.3.18.1.1.1.5 "unknown"
Code:
1418976913 127.0.0.1 127.0.0.1 .1.3.6.1.6.3.18.1.4.0 public DISMAN-EVENT-MIB::sysUpTimeInstance (119255586) 13 days, 19:15:55.86 SNMPv2-MIB::snmpTrapOID.0 SNMPv2-MIB::coldStart SNMPv2-SMI::enterprises "hello" SNMP-COMMUNITY-MIB::snmpTrapCommunity.0 "public" SNMPv2-MIB::snmpTrapEnterprise.0 SNMPv2-MIB::warmStart .1.3.6.1.6.3.10.2.1.1.0 "0x57e6b6e6f677e6" .1.3.6.1.6.3.18.1.1.1.3 "unknown" .1.3.6.1.6.3.18.1.1.1.4 "0x57e6b6e6f677e6" .1.3.6.1.6.3.18.1.1.1.5 "unknown"
So as I can see whole chain of processing before snmptt working just fine:
snmptapd -> snmptthandler-embedded -> /var/spool files for SNMPTT processing
snmptrapd conf:
Code:
authCommunity log,execute,net public ### SNMPTT Embedded handler perl do "/usr/share/snmptt/snmptthandler-embedded";
Code:
[General] snmptt_system_name = mode = daemon multiple_event = 1 dns_enable = 1 strip_domain = 0 strip_domain_list = <<END domain.com END resolve_value_ip_addresses = 0 net_snmp_perl_enable = 1 net_snmp_perl_cache_enable = 1 net_snmp_perl_best_guess = 2 translate_log_trap_oid = 2 translate_value_oids = 1 translate_enterprise_oid_format = 1 translate_trap_oid_format = 1 translate_varname_oid_format = 1 translate_integers = 1 wildcard_expansion_separator = " " allow_unsafe_regex = 1 remove_backslash_from_quotes = 0 dynamic_nodes = 0 description_mode = 0 description_clean = 1 threads_enable = 0 threads_max = 10 date_time_format = %H:%M:%S %Y/%m/%d [DaemonMode] daemon_fork = 1 daemon_uid = snmptt pid_file = /var/run/snmptt.pid spool_directory = /var/spool/snmptt/ sleep = 5 use_trap_time = 1 keep_unlogged_traps = 1 duplicate_trap_window = 0 [Logging] stdout_enable = 0 log_enable = 1 log_file = /var/log/snmptt/zabbix_traps.log log_system_enable = 0 log_system_file = /var/log/snmptt/snmpttsystem.log unknown_trap_log_enable = 0 unknown_trap_log_file = /var/log/snmptt/snmpttunknown.log statistics_interval = 216000 syslog_enable = 1 syslog_facility = local0 syslog_level_debug = <<END END syslog_level_info = <<END END syslog_level_notice = <<END END syslog_level_warning = <<END END syslog_level_err = <<END END syslog_level_crit = <<END END syslog_level_alert = <<END END syslog_level = warning syslog_system_enable = 1 syslog_system_facility = local0 syslog_system_level = warning [SQL] db_translate_enterprise = 0 db_unknown_trap_format = '$-*' sql_custom_columns = <<END END sql_custom_columns_unknown = <<END END mysql_dbi_enable = 0 postgresql_dbi_enable = 0 dbd_odbc_enable = 0 [Exec] exec_enable = 1 pre_exec_enable = 1 unknown_trap_exec = unknown_trap_exec_format = exec_escape = 1 [Debugging] DEBUGGING = 1 DEBUGGING_FILE = /var/log/snmptt/snmptt.debug DEBUGGING_FILE_HANDLER = /var/log/snmptt/snmptthandler.debug [TrapFiles] snmptt_conf_files = <<END /etc/snmp/snmptt.conf END
Code:
--EVENT coldStart .1.3.6.1.6.3.* "General event" Normal EVENT coldStart .* "General event" Normal FORMAT ZBXTRAP $aA EVENT warmStart .* "General event" Normal FORMAT ZBXTRAP $aA EVENT general .1.3.6.1.6.3.* "General event" Normal FORMAT ZBXTRAP $aA EVENT general .* "General event" Normal FORMAT ZBXTRAP $aA $ar
Code:
snmptrap -v 1 -c public 127.0.0.1 '.1.3.6.1.6.3.1.1.5.3' '0.0.0.0' 6 33 '55' .1.3.6.1.6.3.1.1.5.3 s “teststring000” snmptrap -v1 -c public localhost .1.3.6.1.6.3.1.1.5.2 0 0 "" "" .1.3.6.1.4.1 s "hello"
Comment