Ad Widget

**markfree** · 07-03-2024, 03:36

What is your SNMP trap item configuration?

**llinty** · 07-03-2024, 11:58

Thank you for your reply. You will find attached the SNMP trap item. snmp fallback has been choosen. The IP address is the one of the device to be monitored. If I send an SNMP trap from this device the parsed file to send to Zabbix is as following: The header is correct and we see that the device is sending SNMP to my proxy on UDP/162. But I still have no collected data on my host 192.168.206.95.

Zabbix Server and proxy are not on the same timezone. Is it possible that Zabbix server cannot process current date format?

2024-03-07T10:43:26+0400 ZBXTRAP 192.168.206.95
PDU INFO:
notificationtype TRAP
version 1
receivedfrom UDP: [192.168.206.95]:47964->[192.168.201.177]:162
errorstatus 0
messageid 0
community public
transactionid 25
errorindex 0
requestid 996196933
VARBINDS:
DISMAN-EVENT-MIB::sysUpTimeInstance type=67 value=Timeticks: (32632879) 3 days, 18:38:48.79
SNMPv2-MIB::snmpTrapOID.0 type=6 value=OID: SNMPv2-SMI::enterprises.2036.2.1.4.1
SNMP-COMMUNITY-MIB::snmpTrapAddress.0 type=64 value=IpAddress: 192.168.206.95
SNMPv2-SMI::enterprises.2036.2.1.1.8.0 type=4 value=STRING: "[Product=XXX][System=my-device][Severity=Information][Serial=A...0][Details=Synchronization Recovery Failed]"

Regards

Attached Files

**cyber** · 07-03-2024, 12:35

If you set the Type of information to 'Log' , what happens?

3 SNMP traps

https://www.zabbix.com/documentation/current/en/manual/config/items/itemtypes/snmptrap

Set the Type of information to 'Log' for the timestamps to be parsed. Note that other formats such as 'Numeric' are also acceptable but might require a custom trap handler.

**llinty** · 07-03-2024, 20:52

I have changed Host item to Log and sent a new SNMP Trap test from my device. The log is still generated of course but no data are coming to Zabbix Server. I'm using a custom community which is publicYYYY (masked characters were removed from the last log indeed - I have written YYYY now). I also have double checked it's value and changed the default {$SNMP_COMMUNITY} macro of course. See attached file.

It makes me nuts...

2024-03-07T22:32:44+0400 ZBXTRAP 192.168.206.95
PDU INFO:
notificationtype TRAP
version 1
receivedfrom UDP: [192.168.206.95]:46826->[192.168.201.177]:162
errorstatus 0
messageid 0
community publicYYYY
transactionid 59
errorindex 0
requestid 487835220
VARBINDS:
DISMAN-EVENT-MIB::sysUpTimeInstance type=67 value=Timeticks: (25801) 0:04:18.01
SNMPv2-MIB::snmpTrapOID.0 type=6 value=OID: SNMPv2-SMI::enterprises.2036.2.1.4.1
SNMP-COMMUNITY-MIB::snmpTrapAddress.0 type=64 value=IpAddress: 192.168.206.95
SNMPv2-SMI::enterprises.2036.2.1.1.8.0 type=4 value=STRING: "Test SNMP trap from XXXX"

Attached Files

**llinty** · 07-03-2024, 20:59

Since last upgrade to release 6.4.12 for both Zabbix Server and Zabbix proxy the log file of the proxi is looping with this:

25420:20240307:225351.639 cannot process received configuration data from server at "a.b.158.230": unexpected field "httptest.agent"

I don't know if it matters. However data collected from proxy are still received by Zabbix Server (ip address a.b.158.230).

**cyber** · 08-03-2024, 13:19

You mentioned that perl script that you are using in snmptrapd... It seems to format output differently compared to the examples shown in here... https://www.zabbix.com/documentation...p#verification
I'm using the bash script https://www.zabbix.com/documentation...-trap-receiver and output is like in examples and all the trap items work like a charm..

**llinty** · 08-03-2024, 17:36

I also think that data are not readable by Zabbix server because of wrong format. So I have modified a few things in configuration files as suggested.

1) /etc/zabbix/zabbix_proxy.conf
SNMPTrapperFile=/var/lib/zabbix/snmptraps/snmptraps.log

=> So SNMP Trap file has been changed and Zabbix Proxy restarted successfully.

2) Bash script has been downloaded
curl -o /usr/sbin/zabbix_trap_handler.sh https://raw.githubusercontent.com/za...rap_handler.sh
chmod +x /usr/sbin/zabbix_trap_handler.sh
file /usr/sbin/zabbix_trap_handler.sh

/usr/sbin/zabbix_trap_handler.sh: Bourne-Again shell script, ASCII

3) /etc/snmp/snmptrapd.conf has been modified

# authCommunity execute publicXXX
# perl do "/usr/bin/zabbix_trap_receiver.pl";
authCommunity log,execute,net publicXXX
traphandle default /usr/sbin/zabbix_trap_handler.sh

SNMP Traps Daemon Service has been restarted successfully.

4) SNMP test has been performed and the log is filling

cat /var/lib/zabbix/snmptraps/snmptraps.log

20240308.185743 ZBXTRAP 192.168.206.95
UDP: [192.168.206.95]:40002->[192.168.201.177]:162
DISMAN-EVENT-MIB::sysUpTimeInstance = 0:0:16:33.00
SNMPv2-MIB::snmpTrapOID.0 = SNMPv2-SMI::enterprises.2036.2.1.4.1
SNMP-COMMUNITY-MIB::snmpTrapAddress.0 = 192.168.206.95
SNMPv2-SMI::enterprises.2036.2.1.1.8.0 = "Test SNMP trap from my-device"

But still no data into my host... :-(
My host is monitored by the proxy [192.168.201.177]. Is your SNMP Trap Daemon running on Zabbix server or do you also use a proxy?.

Many thanks for your help!

Attached Files

**cyber** · 11-03-2024, 10:15

Originally posted by llinty

Is your SNMP Trap Daemon running on Zabbix server or do you also use a proxy?.

On the proxy..
That latest data link there does not show out anything? still nothing from that fallback item? You clearly have a working trap receiver as log is populated, so there must be something else.
You can increase loglevel for snmptrapper process and maybe you can find something from that output...

Ad Widget

SNMP Tramp monitoring through proxy not sending data to Zabbix Server

SNMP Tramp monitoring through proxy not sending data to Zabbix Server

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment