Hi everyone,
I'm new to the zabbix environment so please forgive me if I make mistakes ^^
I have deployed a zabbix server and a zabbix proxy which are on two different networks (interconnected via wireguard).
On my zabbix_proxy I work with snmp traps only (I don't have access to the devices I'm monitoring).
So I've deployed snmptrapd and snmptt.
I capture and translate some traps correctly (CPU Threshold, Link UP/Down for example).
But for some devices, my snmptrapd doesn't capture traps that seem to be the same as other traps. I can't see anything in the snmp logs (which are at maximum debug level), but I can see the traps in tcpdump. An example below:
This trap is correctly captured and translated by snmp :
17:33:56.006773 eth0 In IP 10.250.19.129.162 > 10.250.7.10.162: C="public" V2Trap(205) .1.3.6.1.2.1.1.3.0=261164752 .1.3.6.1.6.3.1.1.4.1.0=.1.3.6.1.6.3.1.1.5.4 .1.3.6.1.2.1.2.2.1.1.15=15 .1.3.6.1.2.1.2.2.1.7.15=1 .1.3.6.1.2.1.2.2.1.8.15=1 .1.3.6.1.4.1.12356.100.1.1.1.0="MODEL" .1.3.6.1.2.1.1.5.0="HOSTNAME" .1.3.6.1.2.1.31.1.1.1.1.15="internal8" .1.3.6.1.2.1.2.2.1.2.15=""
And this one is just captured in my tcpdump but doesn't appear in snmp:
17:34:12.012959 eth0 In IP 10.250.8.253.162 > 10.250.7.10.162: C="public" V2Trap(204) .1.3.6.1.2.1.1.3.0=1130382605 .1.3.6.1.6.3.1.1.4.1.0=.1.3.6.1.6.3.1.1.5.4 .1.3.6.1.2.1.2.2.1.1.22=22 .1.3.6.1.2.1.2.2.1.7.22=1 .1.3.6.1.2.1.2.2.1.8.22=1 .1.3.6.1.4.1.12356.100.1.1.1.0="MODEL" .1.3.6.1.2.1.1.5.0="HOSTNAME" .1.3.6.1.2.1.31.1.1.1.1.22="port10" .1.3.6.1.2.1.2.2.1.2.22=""
I have this problem for some traps and I don't understand why.
I don't have any problems in journalctl of the different daemons.
Thank you in advance for your help.
I'm new to the zabbix environment so please forgive me if I make mistakes ^^
I have deployed a zabbix server and a zabbix proxy which are on two different networks (interconnected via wireguard).
On my zabbix_proxy I work with snmp traps only (I don't have access to the devices I'm monitoring).
So I've deployed snmptrapd and snmptt.
I capture and translate some traps correctly (CPU Threshold, Link UP/Down for example).
But for some devices, my snmptrapd doesn't capture traps that seem to be the same as other traps. I can't see anything in the snmp logs (which are at maximum debug level), but I can see the traps in tcpdump. An example below:
This trap is correctly captured and translated by snmp :
17:33:56.006773 eth0 In IP 10.250.19.129.162 > 10.250.7.10.162: C="public" V2Trap(205) .1.3.6.1.2.1.1.3.0=261164752 .1.3.6.1.6.3.1.1.4.1.0=.1.3.6.1.6.3.1.1.5.4 .1.3.6.1.2.1.2.2.1.1.15=15 .1.3.6.1.2.1.2.2.1.7.15=1 .1.3.6.1.2.1.2.2.1.8.15=1 .1.3.6.1.4.1.12356.100.1.1.1.0="MODEL" .1.3.6.1.2.1.1.5.0="HOSTNAME" .1.3.6.1.2.1.31.1.1.1.1.15="internal8" .1.3.6.1.2.1.2.2.1.2.15=""
And this one is just captured in my tcpdump but doesn't appear in snmp:
17:34:12.012959 eth0 In IP 10.250.8.253.162 > 10.250.7.10.162: C="public" V2Trap(204) .1.3.6.1.2.1.1.3.0=1130382605 .1.3.6.1.6.3.1.1.4.1.0=.1.3.6.1.6.3.1.1.5.4 .1.3.6.1.2.1.2.2.1.1.22=22 .1.3.6.1.2.1.2.2.1.7.22=1 .1.3.6.1.2.1.2.2.1.8.22=1 .1.3.6.1.4.1.12356.100.1.1.1.0="MODEL" .1.3.6.1.2.1.1.5.0="HOSTNAME" .1.3.6.1.2.1.31.1.1.1.1.22="port10" .1.3.6.1.2.1.2.2.1.2.22=""
I have this problem for some traps and I don't understand why.
I don't have any problems in journalctl of the different daemons.
Thank you in advance for your help.
Comment