SNMP-TRAP from Cisco Routers
Stanley Hopcroft
Stanley.Hopcroft at IPAustralia.Gov.AU
Thu May 1 04:50:43 CEST 2003
Dear Gentlemen,
I am writing to thank you for your letter and say,
On Wed, Apr 30, 2003 at 05:27:37PM +0530, Atul Shrivastava wrote:
> Thanks for this info.
>
> But I am really confused how to get the SNMP Traps processed when the
> snmptrapd receives the traps and writes it in some file. I have visited
> the net-snmp site but can't get any useful info from that. Same is the
> condition from the Nagios site.
This is the docco that was useful to me.
1. http://nagios.sourceforge.net/docs/1_0/int-snmptrap.html
This is a comprehensive fully worked example of the two points (passive
service checks and trap handler). The example, of a traphandler on
another host and a central or distributed Nagios monitor, uses
'send_ncsa' to send the passive check result from the machine ruuning
snmptrapd to the Nag monitor.
If snmptrapd is running on the same box as Nag, use 'echo >>
<Nag_command_queue>' as shown in the example in my last letter.
Please note that _you_ have to write the trap handler script using the
example given. If you cannot or do not code, you are in trouble, because
this code needs to be tailored to meet your requirements.
The problems with this approach is precisely that __you__ must get a
traphandler to handle your traps (for each trap you add); there is no
Nag trap infrastructure to simplify this.
(Another approach that may be a lot lot easier is
Alex Burger's snmptt product on SourceForge)
2. http://www.net-snmp.org/tutorial/commands/snmptrap.html
>
> What is required is that where i should make the shell script to get
> executed as you have given as example and in nagios configs where I define
> to take the inputs from where. I am really confused about that. Pls help
> me in getting out of that loop.
In a nutshell,
3.1 snmptrapd is sent traps by your Compaq servers or Cisco products. It
logs the trap and calls the shell script defined in snmptrapd.conf to
handle that trap
3.2 The shell script (trap handler) must decode the trap. It does this
by being called with the trap number and reading stdin to get the host
(the server sending the trap), the host ip, and name value pairs
decribing the trap.
Here's part of my input handling, all from the docco.
# Arguments:
# $1 = trap type
# First line passed from snmptrapd is FQDN of host that sent the trap
read host
# Second line passed from snmptrapd is ip address of host that sent the
trap
read ip
# Subsequent lines passed from snmptrapd contain the varbinds, one pair
of OIDs and values per line
#
#
transmission.frame-relay.frCircuitTable.frCircuitEntry.frCircuitIfIndex.15.21
15
#
transmission.frame-relay.frCircuitTable.frCircuitEntry.frCircuitDlci.15.21
21
#
transmission.frame-relay.frCircuitTable.frCircuitEntry.frCircuitState.15.21
inactive(3)
Dlci=9999
CircuitState='unknown'
while read oid val
do
if [ `expr "$oid" : '.*Dlci'` -gt 0 ]
then
Dlci=$val
elif [ `expr "$oid" : '.*CircuitState'` -gt 0 ]
then
CircuitState=$val
fi
done
A trap handler will have code like
case "$1" in
# failed to format tape - critical
11)
output="Critical: Failed to format tape"
state=2
;;
# failed to read tape header - critical
10)
output="Critical: Failed to read tape header"
state=2
;;
# failed to position tape - critical
11)
output="Critical: Failed to position tape"
state=2
;;
to work out what the trap is and to generate the 'fault decription
($output)' that goes in the passive service check result.
FWIW, the shell is a very bad way of doing this unless you are
good coder. I suggest Perl or something with compile time checks
for mortals (and it works faster).
> Can you tell me a procedure for the same.
>
Nagios is giving you a subset of what Tivoli, Uni-Centre etc provide
you, at an infinitisimal fraction of the cost.
The products share this however: you must spend some effort setting them
up or pay someone to do so.
> Regards,
>
> Atul Shrivastava
>
>
>
Yours sincerely.
--
------------------------------------------------------------------------
Stanley Hopcroft
------------------------------------------------------------------------
'...No man is an island, entire of itself; every man is a piece of the
continent, a part of the main. If a clod be washed away by the sea,
Europe is the less, as well as if a promontory were, as well as if a
manor of thy friend's or of thine own were. Any man's death diminishes
me, because I am involved in mankind; and therefore never send to know
for whom the bell tolls; it tolls for thee...'
from Meditation 17, J Donne.
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list