Cisco router SNMP TRAPs - snmptrapd script ver ification

Platt, Nicholas Nick.Platt at myflorida.com
Mon May 10 14:07:09 CEST 2004
Previous message: Cisco router SNMP TRAPs - snmptrapd script verification
Next message: Antwort: RE: Cisco router SNMP TRAPs - snmptrapd script ver ification
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello again:

 

I was advised to not post things in proprietary format which make sense.
The original message is below.   If anyone can help me, it would greatly
appreciated.

 

-----Original Message-----
From: Platt, Nicholas [mailto:Nick.Platt at myflorida.com] 
Sent: Friday, May 07, 2004 7:23 PM
To: 'nagios-users at lists.sourceforge.net'
Cc: Radcliffe, David
Subject: [Nagios-users] Cisco router SNMP TRAPs - snmptrapd script
verification

 

Hello:

 

 

Can anyone look over my scripts in the word attachment and tell why the
"submit_check_result" script is not passing the information to Nagios.  It
could be because "handle-cisco-traps" script is not passing the trap
information to "submit_check_result" script.  I see the traps showing up on
the iptables firewall as allowed and the sniffer verifies it as well.  I've
gone to the extent to documenting  all scripts involved in this process and
I was wondering if anyone can help me that has more experience with
snmptrapd.   I'm fairly new at this.    I want to be able receive traps from
our core and cpe routers so it can set off alarms for various types of
traps.     Maybe you can point to more documentation.

 

Anything in red is what changes I made and on the submit_check_results, I
placed a statement to output the trap information to a log file just for a
test.   The log file never gets created because I fee that the script
"submit_check_result" never gets executed.   Included in the attachment is
also the sniffer capture.    Any help will greatly be appreciated.  Thanks
you.

 

snmptrad

 

snmptrapd script

 

#!/bin/bash

 

# ucd-snmp init file for snmptrapd

#

# chkconfig: - 50 50

# description: Simple Network Management Protocol (SNMP) Trap Daemon

#

# processname: /usr/sbin/snmptrapd

# config: /etc/snmp/snmptrapd.conf

# config: /usr/share/snmp/snmptrapd.conf

# pidfile: /var/run/snmptrapd.pid

#

# source function library

. /etc/init.d/functions

 

OPTIONS="-s -c /etc/snmp/snmptrapd.conf -C  -u /var/run/snmptrapd.pid"

RETVAL=0

prog="snmptrapd"

 

start() {

        echo -n $"Starting $prog: "

        daemon /usr/sbin/snmptrapd $OPTIONS

        RETVAL=$?

        echo

        touch /var/lock/subsys/snmptrapd

        return $RETVAL

}

 

stop() {

        echo -n $"Stopping $prog: "

        killproc /usr/sbin/snmptrapd

        RETVAL=$?

        echo

        rm -f /var/lock/subsys/snmptrapd

        return $RETVAL

}

 

reload(){

        stop

        start

}

 

restart(){

        stop

        start

}

 

condrestart(){

    [ -e /var/lock/subsys/snmptrapd ] && restart

    return 0

}

 

case "$1" in

  start)

        start

        ;;

  stop)

        stop

        ;;

  restart)

        restart

        ;;

  reload)

        reload

        ;;

  condrestart)

        condrestart

        ;;

  status)

        status snmptrapd

        RETVAL=$?

        ;;

  *)

        echo $"Usage: $0 {start|stop|status|restart|condrestart|reload}"

        RETVAL=1

esac

 

exit $RETVAL

 

 

snmptrapd.conf

 

# /etc/snmp/snmptrapd.conf

 

traphandle SNMPv2-MIB::coldStart
/usr/local/nagios/libexec/eventhandlers/handle-cisco-traps 1

traphandle SNMPv2-MIB::warmStart
/usr/local/nagios/libexec/eventhandlers/handle-cisco-traps 2

traphandle IF-MIB::linkDown
/usr/local/nagios/libexec/eventhandlers/handle-cisco-traps 3

traphandle IF-MIB::linkUp
/usr/local/nagios/libexec/eventhandlers/handle-cisco-traps 4

traphandle default
/usr/local/nagios/libexec/eventhandlers/handle-cisco-traps 5

 

/usr/local/nagios/libexec/eventhandlers/handle-cisco-traps

 

handle-cisco-traps

 

#!/bin/sh

#

# This script should handle the traps it will receive

# from the snmptrapd and defined in the snmptrapd.conf

#

 

read host

hostname="unkown"

ip=`host $host | awk -F" " '{print $3}'

esac

state=-1

output="No Output"

case $1 in

        1) output="Critical: Coldstart"

        state=2

        ;;

        2) output="Warning: Warmstart"

        state=1

        ;;

        3) output="Critical: Link down"

        state=2

        ;;

        4) output="Warning: Link up"

        state=2

        ;;

        5) output="Warning: Unknown trap"

        state=1

 

# SNMP Trap is the name of the service

/usr/lib/nagios/plugins/eventhandlers/submit_check_result $hostname "SNMP
Trap" $state "$output"




submit_check_result (Nagios)

 

#!/bin/sh

 

# SUBMIT_CHECK_RESULT

# Written by Ethan Galstad (nagios at nagios.org)

# Last Modified: 02-18-2002

#

# This script will write a command to the Nagios command

# file to cause Nagios to process a passive service check

# result.  Note: This script is intended to be run on the

# same host that is running Nagios.  If you want to

# submit passive check results from a remote machine, look

# at using the nsca addon.

#

# Arguments:

#  $1 = host_name (Short name of host that the service is

#       associated with)

#  $2 = svc_description (Description of the service)

#  $3 = return_code (An integer that determines the state

#       of the service check, 0=OK, 1=WARNING, 2=CRITICAL,

#       3=UNKNOWN).

#  $4 = plugin_output (A text string that should be used

#       as the plugin output for the service check)

#

 

echocmd="/bin/echo"

 

CommandFile="/usr/local/nagios/var/rw/nagios.cmd"

 

# get the current date/time in seconds since UNIX epoch

datetime=`date +%s`

 

# create the command line to add to the command file

cmdline="[$datetime] PROCESS_SERVICE_CHECK_RESULT;$1;$2;$3;$4"

 

# append the command to the end of the command file

`$echocmd $cmdline >> $CommandFile`

#`$echocmd $cmdline >> /backup/snmp-trap-test.log`




Sniffer Capture Packet

 

Frame 1 (211 bytes on wire, 211 bytes captured)

Ethernet II, Src: 00:0e:d7:74:cc:d1, Dst: 00:b0:d0:32:7a:7c

Internet Protocol, Src Addr: 192.168.24.60 (192.168.24.60), Dst Addr:
192.168.24.58 (192.168.24.58)

User Datagram Protocol, Src Port: 53914 (53914), Dst Port: snmptrap (162)

Simple Network Management Protocol

    Version: 2C (1)

    Community: test

    PDU type: TRAP-V2 (7)

    Request Id: 0x00000002

    Error Status: NO ERROR (0)

    Error Index: 0

    Object identifier 1: 1.3.6.1.2.1.1.3.0 (iso.3.6.1.2.1.1.3.0)

    Value: Timeticks: (212951) 0:35:29.51

    Object identifier 2: 1.3.6.1.6.3.1.1.4.1.0 (iso.3.6.1.6.3.1.1.4.1.0)

    Value: OID: iso.3.6.1.6.3.1.1.5.3

    Object identifier 3: 1.3.6.1.2.1.2.2.1.1.1 (iso.3.6.1.2.1.2.2.1.1.1)

    Value: INTEGER: 1

    Object identifier 4: 1.3.6.1.2.1.2.2.1.2.1 (iso.3.6.1.2.1.2.2.1.2.1)

    Value: STRING: "Ethernet0"

    Object identifier 5: 1.3.6.1.2.1.2.2.1.3.1 (iso.3.6.1.2.1.2.2.1.3.1)

    Value: INTEGER: 6

    Object identifier 6: 1.3.6.1.4.1.9.2.2.1.1.20.1
(iso.3.6.1.4.1.9.2.2.1.1.20.1)

    Value: STRING: "administratively down"

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20040510/459a3ab9/attachment.html>
Previous message: Cisco router SNMP TRAPs - snmptrapd script verification
Next message: Antwort: RE: Cisco router SNMP TRAPs - snmptrapd script ver ification
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list