Ad Widget

Collapse

Mikrotik snmp-trap with Zabbix docker

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • arp
    Junior Member
    • Dec 2021
    • 2
    #1

    Mikrotik snmp-trap with Zabbix docker

    Hi guys,
    i'm in trouble to view snmp trap from a mikrotik device: i'm able to collect the traps but i would like to see them as textual instead of oid form.

    Basically for this two container:
    zabbix-server-pgsql
    zabbix-snmptraps

    i put the mikrotik.mib file into the shared folder /usr/share/snmp/mibs/ and used the download-mibs tool on the host, to put the downloaded mibs as well.
    In both container i have the following env variables
    Code:
    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs
MIBS=+ALL
    Code:
    drwxr-xr-x 4 root root 4.0K Nov 29 20:53 ..
-rw-r--r-- 1 root root 87.3K Dec 21 12:25 mikrotik.mib
drwxr-xr-x 2 root root 4.0K Dec 26 16:31 .
    and the current result is similar to this:
    Code:
    DISMAN-EVENT-MIB::sysUpTimeInstance = 15846381
SNMPv2-MIB::snmpTrapOID.0 = IF-MIB::linkDown
SNMP-COMMUNITY-MIB::snmpTrapAddress = Wrong Type (should be IpAddress): "00 00 00 00 00 00 00 00 00 00 FF FF C0 A8 58 01 [..............X.]"
IF-MIB::ifIndex.2 = 2
IF-MIB::ifAdminStatus.2 = 2
IF-MIB::ifOperStatus.2 = 2
    I would like to see something more readable instead of ifIndex=2 i would like to see the intf name and for the status Down or UP.

    How is this possible?
    Thanks in advance
    Tags: docker, mikrotik, routeros7, snmp
    • ISiroshtan
      Senior Member
      • Nov 2019
      • 324
      #2
      Hi mate,

      1. If device does not send information about interface name no MIB will make it magically appear. If all that is sent is index (one integer number), how do you expect MIB file or Zabbix to actually get the name?
      2. Based on Trap your showing, it's not actually using anything from mikrotik.mib file. The admin status is defined in IF-MIB, which defines it as integer value, so it exactly that, a number. They have a table explaining meaning, but I don't believe there is easy way to replace this one part of the text entry (one way I can think is pre-processing with JS to check if it has specific OID in text and do replacements but I think that to be a little to much Hussle and not worth the effort). You can just check for regexp like 'IF-MIB::ifAdminStatus\.\d = 2' in trigger expression and have the name of trigger "Interface X is down" which achieves similar result way easier.

      Hope it helps

        Comment

        • arp
          Junior Member
          • Dec 2021
          • 2
          #3
          Hi ISiroshtan,
          thanks for your reply.

          About your first point: The interfaces name are sent with other oids. So i'm wondering if there is a no so complex way to map ifindex with the value of the target oid (your answer is re... i'll try)
          Code:
          snmpwalk -v3 -x AES -X blabla -a SHA -A blabla -l authPriv -u user 10.10.10.10 -m /usr/share/snmp/mibs/mikrotik.mib 1.3.6.1.4.1.14988.1.1.14.1.1.2
MIKROTIK-MIB::mtxrInterfaceStatsName.1 = STRING: wlan1
MIKROTIK-MIB::mtxrInterfaceStatsName.2 = STRING: wlan2
MIKROTIK-MIB::mtxrInterfaceStatsName.3 = STRING: ether1
MIKROTIK-MIB::mtxrInterfaceStatsName.4 = STRING: ether2
MIKROTIK-MIB::mtxrInterfaceStatsName.5 = STRING: bridge
MIKROTIK-MIB::mtxrInterfaceStatsName.x = STRING: VLAN_2
MIKROTIK-MIB::mtxrInterfaceStatsName.x+1 = STRING: VLAN_3
MIKROTIK-MIB::mtxrInterfaceStatsName.x+2 = STRING: VLAN_4
ecc...
          similar to this: IF-MIB::ifIndex.2 = (2 == wlan2 =) MIKROTIK-MIB::mtxrInterfaceStatsName.2

          2. Based on Trap your showing, it's not actually using anything from mikrotik.mib file.
          This is the true and for my knowledge this is not a misconfiguration but it's based on the mikrotik.mib definition that use several import from other mib and how Zabbix read the folder
          Code:
          head /usr/share/snmp/mibs/mikrotik.mib
MIKROTIK-MIB DEFINITIONS ::= BEGIN

IMPORTS
InetAddressType, InetAddress, InetPortNumber FROM INET-ADDRESS-MIB
MODULE-IDENTITY, OBJECT-TYPE, Integer32, Counter32, Gauge32, IpAddress,
Counter64, enterprises, NOTIFICATION-TYPE, TimeTicks FROM SNMPv2-SMI
TEXTUAL-CONVENTION, DisplayString, MacAddress, DateAndTime FROM SNMPv2-TC
OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF;
          Do you agree?

            Comment

            • ISiroshtan
              Senior Member
              • Nov 2019
              • 324
              #4
              Hey mate.

              The only way I can think of to pair up SNMP Agent and SNMP Trap is to create an SNMP Discovery rule(maybe you already have one in place? ) where it would discover each interface name in separate macro (for example {#INAME}), and in addition to common SNMP Agent items it would create a new trigger pointing to SNMP Trap Item that exists outside of discovery (on host or template).
              Name can be something like:
              Code:
              "Interface {#INAME} is down"
              Expression:
              Code:
              {Template:item_key.regexp(IF-MIB::ifIndex\.\d = {#SNMPINDEX})}=1 and {Template:item_key.regexp(IF-MIB::ifAdminStatus\.\d2 = 2)}=1
              Recovery expression:
              Code:
              {Template:item_key.regexp(IF-MIB::ifIndex\.\d = {#SNMPINDEX})}=1 and {Template:item_key.regexp(IF-MIB::ifAdminStatus\.\d = 1)}=1
              Not sure I wrote everything 100% correct. Also not tested this particular solution, so need to try it out and tweak as needed.



              In regards to MIBs - it's not misconfiguration, it's just how it sends SNMP Traps. And even if you don't install Mikrotik MIB at all, that particular trap will be translated in exactly same way.

                Comment

                Previous template Next
                Working...