SNMP traps returning "unmatched" - Zabbix 7.0.6
Kind of out of ideas on this one... Have reviewed past threads on this topic and have verified everything that was referenced, and it still is not working.
Background: Zabbix 7.0.6 server with a proxy group of five proxy servers. We have devices sending SNMP traps directly to the Zabbix server since the assignments
within the proxy groups can change.
Traps are received by the server and are being parsed (apparently) properly by the perl script and written to the trap file, but every trap event returns as "unmatched".
Have verified that the IP addresses are properly listed in the interfaces table. Have also verified that the interface id of the reporting devices exists in the interface_snmp table.
interfaces:
MariaDB [zabbix]> SELECT ip FROM interface WHERE main=1 AND type=2;
+-----------------+
| ip |
+-----------------+
...
| 10.61.176.50 |
...
interfaces_snmp:
| 22743 | 2 | 1 | {$SNMP_COMMUNITY} | | 0 | | | 0 | 0 | | 10 |
Digging in to the server log (with the logging level turned up) I am seeing this:
2284:20250108:101718.392 zbx_setproctitle() title:'snmp trapper [processed data in 0.001915 sec, idle 1 sec]'
2284:20250108:101719.392 zbx_setproctitle() title:'snmp trapper [processing data]'
2284:20250108:101719.392 In zbx_dc_config_get_snmp_interfaceids_by_addr() addr:'10.61.176.50'
2284:20250108:101719.392 End of zbx_dc_config_get_snmp_interfaceids_by_addr():1
2284:20250108:101719.392 In zbx_dc_config_get_snmp_items_by_interfaceid() interfaceid:22743
2284:20250108:101719.392 End of zbx_dc_config_get_snmp_items_by_interfaceid():0
2284:20250108:101719.392 unmatched trap received from "10.61.176.50": 2025-01-08T10:17:17-0600 PDU INFO:
requestid 791638964
transactionid 2706
messageid 0
community xxxxxxxxx
version 1
notificationtype TRAP
receivedfrom UDP: [10.61.176.50]:43339->[xxx.xxx.xxx.xxx]:162
errorindex 0
errorstatus 0
VARBINDS:
...
If I am reading this correctly, it looks like the "zbx_dc_config_get_snmp_items_by_interfaceid() " function is returning false,
so the question becomes why?
If I generate a test 'trap' directly on the server, it processes as expected. The only obvious difference is that the interfaceid function
is returning true.
Any thoughts?
Background: Zabbix 7.0.6 server with a proxy group of five proxy servers. We have devices sending SNMP traps directly to the Zabbix server since the assignments
within the proxy groups can change.
Traps are received by the server and are being parsed (apparently) properly by the perl script and written to the trap file, but every trap event returns as "unmatched".
Have verified that the IP addresses are properly listed in the interfaces table. Have also verified that the interface id of the reporting devices exists in the interface_snmp table.
interfaces:
MariaDB [zabbix]> SELECT ip FROM interface WHERE main=1 AND type=2;
+-----------------+
| ip |
+-----------------+
...
| 10.61.176.50 |
...
interfaces_snmp:
| 22743 | 2 | 1 | {$SNMP_COMMUNITY} | | 0 | | | 0 | 0 | | 10 |
Digging in to the server log (with the logging level turned up) I am seeing this:
2284:20250108:101718.392 zbx_setproctitle() title:'snmp trapper [processed data in 0.001915 sec, idle 1 sec]'
2284:20250108:101719.392 zbx_setproctitle() title:'snmp trapper [processing data]'
2284:20250108:101719.392 In zbx_dc_config_get_snmp_interfaceids_by_addr() addr:'10.61.176.50'
2284:20250108:101719.392 End of zbx_dc_config_get_snmp_interfaceids_by_addr():1
2284:20250108:101719.392 In zbx_dc_config_get_snmp_items_by_interfaceid() interfaceid:22743
2284:20250108:101719.392 End of zbx_dc_config_get_snmp_items_by_interfaceid():0
2284:20250108:101719.392 unmatched trap received from "10.61.176.50": 2025-01-08T10:17:17-0600 PDU INFO:
requestid 791638964
transactionid 2706
messageid 0
community xxxxxxxxx
version 1
notificationtype TRAP
receivedfrom UDP: [10.61.176.50]:43339->[xxx.xxx.xxx.xxx]:162
errorindex 0
errorstatus 0
VARBINDS:
...
If I am reading this correctly, it looks like the "zbx_dc_config_get_snmp_items_by_interfaceid() " function is returning false,
so the question becomes why?
If I generate a test 'trap' directly on the server, it processes as expected. The only obvious difference is that the interfaceid function
is returning true.
Any thoughts?
Thats not how things work.. Your devices are monitored by proxies, server has no knowledge about them from monitoring duties perspective.
Comment