snmp traps

Marc Powell marc at ena.com
Mon Jun 5 14:51:04 CEST 2006
Previous message: snmp traps
Next message: check_nt uptime unable to display
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
You need to have a command{} definition named 'passive_check_missing'.
It would normally be the command that nagios would execute for freshness
checking but since you're not interested in freshness and it will never
be executed with 'check_period none', it can be as simple as 

define command {
    command_name                   passive_check_missing
    command_line                   $USER1$/check_dummy 0
    }

--
Marc

> -----Original Message-----
> From: nagios-users-bounces at lists.sourceforge.net [mailto:nagios-users-
> bounces at lists.sourceforge.net] On Behalf Of Vinod
> Sent: Monday, June 05, 2006 1:28 AM
> To: Hannu Liljemark; nagios-users at lists.sourceforge.net
> Subject: Re: [Nagios-users] snmp traps
> 
> Hi Hannu
> 
> Thanks a lot for the information you provided.
> I still have some issues in the services.cfg file
> i have pasted it below, i get this error in cgi
> Status information:CRITICAL: Passive Service check is missing!
> If i set the check_period none nagios does not start.
> Please advice
> 
> define service{
>         name                            generic-service
>         active_checks_enabled           0
>         passive_checks_enabled          1
>         parallelize_check               1
>         obsess_over_service             1
>         check_freshness                 0
>         notifications_enabled           1
>         event_handler_enabled           1
>         flap_detection_enabled          1
>         failure_prediction_enabled      1
>         process_perf_data               1
>         retain_status_information       1
>         retain_nonstatus_information    1
>         register                        0
>         retry_check_interval    1
>         }
> 
> 
> 
> define service{
>         register                        0
>         name                            passive-check-template
>         use                             generic-service
>         check_freshness                 1
>         check_period                    none
>         passive_checks_enabled          1
>         max_check_attempts              1
>         check_command                   passive_check_missing
>         notification_interval 120
>        notification_period     24x7
>        notification_options    w,c,r
>         freshness_threshold             600
> }
> 
> 
> 
> define service {
>     use    passive-check-template
>     host_name     node
>    contact_groups    admins
>     service_description    snmp_trap_handling_ok
>     register        1
>    normal_check_interval   2
>     retry_check_interval    2
>     check_period 24x7
> }
> 
> Regards
> Vinod Moraes
> 
> 
> Hannu Liljemark <hannu.liljemark at gstdomain.net> wrote:
> 
> 	On Wed, May 31, 2006 at 12:39:47AM -0700, Vinod wrote:
> 
> 	> I tried to configure nagios to listen to snmp traps from a
host.
> 	> i have been referring to documents
> 	> http://www.samag.com/documents/s=9559/sam0503g/
> 	>
http://www.snmptt.org/docs/snmptt.shtml#Integration-with-other-
> software
> 
> 	I've been using http://www.samag.com/documents/s=9559/sam0503g/
with
> 	good success.
> 
> 	> Secondly
> 	> http://www.samag.com/documents/s=9559/sam0503g/
> 	> speicifes
> 	> use passive-check-template
> 	> but its not mentioned how to define the passive-check-template
> 
> 	You can define passive_check_missing in checkcommands.cfg,
> 	although it wont be used in this case:
> 
> 	define command{
> 	command_name passive_check_missing
> 	command_line $USER1$/passive_check_missing.sh
> 	}
> 
> 
> 	Here's what passive_check_missing.sh looks like:
> 
> 	#!/bin/sh
> 
> 	/bin/echo "CRITICAL: Passive Service check is missing!"
> 
> 	exit 2
> 
> 
> 	In services.cfg we define the template that will be used by the
> 	snmp_trap_handling_* service checks:
> 
> 	define service{
> 	register 0
> 	name passive-check-template
> 	use generic-service
> 	check_freshness 1
> 	check_period none
> 	passive_checks_enabled 1
> 	max_check_attempts 1
> 	check_command passive_check_missing
> 	freshness_threshold 600
> 	}
> 
> 
> 	I've been converting mibs with:
> 
> 	snmpttconvertmib --net_snmp_perl --format_desc=6 --in=FOO.mib \
> 	--out=/etc/snmp/snmptt-FOO.conf
> 
> 	as that seems to produce EVENTs with descriptions making more
> 	sense than the default convert shown in the article. You may
want
> 	to look though them anyway or replace 6 with smaller number.
> 	Check 'snmpttconvermib --help' for more info.
> 
> 	I've also made a small change to the snmptraphandling.py. Trend
> 	Micro's MIBs use the severity NORMAL when snmptraphandling.py
> 	only matches Normal (case sensitive). So I've added a section
> 	to also match NORMAL.
> 
> 	My sec.conf looks like:
> 
> 	type=Single
> 	ptype=RegExp
> 	pattern=(\w+\s+\d+\s\d+:\d+:\d+)\s[\w\.\-]+\ssnmptt\[\d+\]:\s\
> 	([\d\.]*)\s(Normal|NORMAL|INFORMATIONAL|MINOR|WARNING|SEVERE|\
> 	MAJOR|CRITICAL)\s\"Status Events\"\s([\w\.\-]*)\s\-\s(.*)
> 	desc=snmptrap received from $3
> 	action=shellcmd
> /opt/nagios/libexec/eventhandlers/snmptraphandling.py\
> 	$4 $3 "$5"
> 
> 	When converting MIBs, you also may want to check them
> 	through to see what kind of severities are defined for various
> traps.
> 	So far there seems to a lot of Normal severity traps even for
traps
> 	that alert you about hardware failures etc. The article says
"One
> 	of the beauties of this solution is that we can use the event
> severity
> 	set by the mib designer. Nagios will always report the event
status
> 	based on this information." and I think this is somewhat
problematic
> 	with a lot of MIBs. Many traps seem to define the severity
somewhere
> 	else.
> 
> 	Lets take examples from SUN-PLATFORM-MIB. Some Sun server might
> 	send alarm traps and these have Normal severity so snmptt + sec
+
> Nagios
> 	would map them to OK. However they might be something worse:
> component
> 	has blown up or system is reaching temperatures where metal
starts
> 	to melt... so I guess this setup has some drawbacks.
> 
> 	EVENT sunPlatEquipmentAlarm .1.3.6.1.4.1.42.2.70.101.2.0.5\
> 	"Status Events" Normal
> 	EVENT sunPlatEnvironmentalAlarm .1.3.6.1.4.1.42.2.70.101.2.0.4\
> 	"Status Events" Normal
> 
> 	You get the severity as a variable:
> 
> 	7: sunPlatNotificationPerceivedSeverity
> 	Syntax="INTEGER"
> 	1: indeterminate
> 	2: critical
> 	3: major
> 	4: minor
> 	5: warning
> 	6: cleared
> 	Descr="The perceived severity of the alarm, as specified by
> 	the agent that generated it in accordance with X.733,
> 	sec. 8.1.2.3."
> 
> 	I'd be interesting in hearing from others if they've come up
with
> 	some solution to this, or if I've misunderstood something.
> 
> 	Regards,
> 
> 	--
> 	Hannu Liljemark | Appelsiini Finland Oy | http://appelsiini.fi
> 
> 
> 	_______________________________________________
> 	Nagios-users mailing list
> 	Nagios-users at lists.sourceforge.net
> 	https://lists.sourceforge.net/lists/listinfo/nagios-users
> 	::: Please include Nagios version, plugin version (-v) and OS
when
> reporting any issue.
> 	::: Messages without supporting info will risk being sent to
> /dev/null
> 
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com


_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
Previous message: snmp traps
Next message: check_nt uptime unable to display
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list