configure receiving snmp traps

Mike Lindsey mike-nagios at 5dninja.net
Fri Sep 7 22:41:14 CEST 2012
Previous message: configure receiving snmp traps
Next message: R: configure receiving snmp traps
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 9/5/12 1:00 AM, Marco Borsani wrote:
>
> I read many docs, but I still have problem to configure nagios 3.x to 
> receive the traps.
>
> May someone explain the steps to follow to configure correctly this 
> issue ?
>
> Is it necessary other SW ?
>
>

You'll need to ensure that snmptrapd is enabled on your Nagios poller, 
and the typical route from there to get snmp traps submitted into Nagios 
is to install SNMPTT.

http://snmptt.sourceforge.net/

I recommend reading the docs for these, but, a very basic snmptrapd.conf 
would be:
###### snmptrapd.conf
snmpTrapdAddr udp:localhost,udp:YOUR_IP_HERE,tcp:YOUR_IP_HERE

authCommunity log,execute public
logOption f/var/log/snmptrapd.log
traphandle default /usr/sbin/snmptt -i /usr/local/share/snmp/snmptt.ini
######

And then in the TrapFiles section of snmptt.ini you might have:
######
[TrapFiles]
snmptt_conf_files = <<END
/usr/local/share/snmp/snmptt/asyncos.conf
END
######

In the included config file you map trap oids to script executions, like so:
###### asyncos.conf
# snmptt.conf file for AsyncOS traps.
#
# All of these are stateless so the handler script needs to set and 
clear the service.
# The service entry must have 0 retries set and be volatile.
#
# .1.3.6.1.4.1.15497
#

# powerSupplyStatusChange
# Status: .1.3.6.1.4.1.15497.1.1.1.8.1.2
EVENT powerSupplyStatusChange .1.3.6.1.4.1.15497.1.1.2.0.2 "asyncos" 
Critical
FORMAT $N trap from $r
EXEC /usr/local/nagios/customplugins/submit_trap $r AsyncOS-Trap_Alert 
$s 0 "$N: $*"
#
#####

Your submit_trap script takes that, and hands it off to Nagios.  You can 
submit through NSCA, or you can create a result file in the checkresult 
directory, or you can submit through the external command pipe.

I do it through NSCA:
##### submit_trap
#!/usr/local/bin/bash

PATH=/bin:/usr/bin:/usr/local/bin:/usr/local/nagios/customplugins:/usr/local/nagios/bin
CONFIG=/usr/local/nagios/etc/send_nsca.cfg
NSCA=`hostname`

HOST=$1
SERVICE=$2
STATUS=$3
STATEFUL=$4
MESSAGE=$5
case $STATUS in
"Critical")
     CODE=2
     ;;
"Warning")
     CODE=1
     ;;
"Normal")
     CODE=0
     ;;
*)
     CODE=3
     ;;
esac

printf "%s\t%s\t%s\t%s\n" "$HOST" "$SERVICE" $CODE "$MESSAGE" | 
send_nsca -H $NSCA -c $CONFIG
if [[ "$STATEFUL" == "0" ]] && [[ "$STATUS" != "0" ]]
then
     # Clear Nagios via delayed at now that the volatile ticket's gone 
through.
     echo "/usr/local/nagios/customplugins/clear.sh $HOST \"$SERVICE\" 
\"$MESSAGE\"" | at now + 15 minutes

fi
#####

...  and clear.sh for clearing stateless alerts.

#####
#!/usr/local/bin/bash

PATH=/bin:/usr/bin:/usr/local/bin:/usr/local/nagios/bin:/usr/local/ironport/nagios/bin
HOST=$1
SVC=$2
OUT=$3

if [[ "$HOST" == "" ]] || [[ "$SVC" == "" ]]
then
     echo "Need host, service, optional message."
     exit 3
fi

# Clear it
printf "%b" "$HOST\t$SVC\t0\tWas:$OUT\n" | send_nsca -H `hostname` -c 
/usr/local/nagios/etc/send_nsca.cfg

fi
#####

If you're using the auto-clear bits, your Nagios user will need to be 
able to add items to the at queue, you'll need to look at your 
distribution's documentation on how that's managed.  This is just one 
way of getting snmp traps working.  Unfortunately none of them that I 
know of overly straightforward.

Even if this doesn't work for you, it should give enough of an insight 
so that you've got a better idea on what to google for. Good luck.

-- 
Mike Lindsey

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20120907/25b5c470/attachment.html>
-------------- next part --------------
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
Previous message: configure receiving snmp traps
Next message: R: configure receiving snmp traps
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list