Create SNMP Trap definition file

Prerequisites

Before using this document, trap reception must be configured on the SNB. See procedure: 1 – Configure the box to receive the traps

 

Objectives

This document is intended for any person (client or consultant) wishing to add a trap definition file to define the actions to be performed when they are received by a SNB.

 

Configuration file

/etc/snmp/snmptt.ini -> configuration of snmptt, will be used to indicate which trap definition files to interpret.

/ etc / snmp / trapConf / * -> trap definition files. For each trap an action is configured.

/var/log/snmptt/*.trap -> one file per server generating traps; file where traps are received by the SNB.

/var/log/snmptt/snmpttunknown.log -> file containing ‘unknown’ traps; traps received but not entered into a definition file.

Principles

On receipt of a trap, the box will check in the definition file defined in snmptt.ini if an action is should be triggered on receipt of this event.

If so, the action defined in the definition file will be executed. This action will write the received trap to a * .trap file where * will be replaced by the IP address of the machine that originated the trap.

If not, the trap will be written to the unknown traps file (/var/log/snmptt/snmpttunknown.log)

 

Create a trap definition file

Manual creation

Connect to the box that collects the traps.

Go to the folder /etc/snmp/trapConf:

cd / etc / snmp / trapConf

Create a definition file:

vim myTrapDef.conf

After analysis of the MIB of the host/device.

For each trap that we want to process we must add 2 lines:

EVENT linkDown .1.3.6.1.6.3.1.1.5.3 “Status Events” INFORMATIONAL
EXEC echo “$x$X |-| $o |-| Link down on interface $1″ >> /var/log/snmptt/”$aA”.trap
#

The red parts are the only things that can be changed. The rest should be left as is.

The first line “EVENT” describes the type of event. It is necessary to put the name of the event in a word and the oid of the trap.

The second line “EXEC” will describe the action to be performed on receipt of the trap. Here the trap will be written in a file.

It has a precise format. The fields of the message written to the file must be separated by the separator | – |.

The sentence written in the 3rd field will be the one displayed in the output of the plugin on the ServiceNav web interface.

In the example, the variable $ 1 represents the first variable of the trap. To undersatand what variable may be contained in the traps of a device, it is necessary to analyze the MIB.

If we want to display all the variables of the trap, we will use $*.

Example

A definition file for a Juniper SRX device that will capture the UP and DOWN traps of a network link and a Fan Fail trap:

 

EVENT linkDown .1.3.6.1.6.3.1.1.5.3 “Status Events” INFORMATIONAL

EXEC echo “$ x $ X | – | $ o | – | Link down on interface $ 1″ >> /var/log/snmptt/”$aA”.trap

#

EVENT linkUp .1.3.6.1.6.3.1.1.5.4 “Status Events” INFORMATIONAL

EXEC echo “$ x $ X | – | $ o | – | Link up on interface $ 1″ >> /var/log/snmptt/”$aA”.trap

#

EVENT fanDown .1.3.6.1.4.1.2636.4.1.2 “Status Events” INFORMATIONAL

EXEC echo “$ x $ X | – | $ o | – | Fan down” >> /var/log/snmptt/”$aA”.trap

Here is what the contents of the file where the received traps are written might look like:

 

10 10 16:09:32 | – | .1.3.6.1.4.1.2636.4.1.2 | – | Fan down

11 10 09:05:03 | – | .1.3.6.1.6.3.1.1.5.3 | – | Link down on interface 535

11 10 09:05:04 | – | .1.3.6.1.6.3.1.1.5.4 | – | Link up on interface 535

12 10 08:05:29 | – | .1.3.6.1.6.3.1.1.5.3 | – | Link down on interface 535

12 10 08:06:31 | – | .1.3.6.1.6.3.1.1.5.4 | – | Link up on interface 535

12 10 09:37:50 | – | .1.3.6.1.6.3.1.1.5.3 | – | Link down on interface 535

12 10 11:25:52 | – | .1.3.6.1.6.3.1.1.5.4 | – | Link up on interface 535

13 10 03:27:40 | – | .1.3.6.1.6.3.1.1.5.3 | – | Link down on interface 535

13 10 03:27:41 | – | .1.3.6.1.6.3.1.1.5.4 | – | Link up on interface 535

13 10 17:05:27 | – | .1.3.6.1.6.3.1.1.5.3 | – | Link down on interface 535

13 10 17:05:51 | – | .1.3.6.1.6.3.1.1.5.4 | – | Link up on interface 535

14 10 01:06:46 | – | .1.3.6.1.6.3.1.1.5.3 | – | Link down on interface 535

14 10 01:06:51 | – | .1.3.6.1.6.3.1.1.5.4 | – | Link up on interface 535

14 10 09:07:38 | – | .1.3.6.1.6.3.1.1.5.3 | – | Link down on interface 535

14 10 09:07:52 | – | .1.3.6.1.6.3.1.1.5.4 | – | Link up on interface 535

14 10 17:08:40 | – | .1.3.6.1.6.3.1.1.5.3 | – | Link down on interface 535

14 10 17:08:54 | – | .1.3.6.1.6.3.1.1.5.4 | – | Link up on interface 535

15 10 01:09:42 | – | .1.3.6.1.6.3.1.1.5.3 | – | Link down on interface 535

15 10 01:09:55 | – | .1.3.6.1.6.3.1.1.5.4 | – | Link up on interface 535

 

Automatic creation with snmpttconvertmib

It is possible to generate the definition file automatically, from a MIB file.

 

Using the definition file

Edit the file /etc/snmp/snmptt.ini

vim /etc/snmp/snmptt.ini

At the end of the file, in the [TrapFiles] section.

 

Add the path to the definition file:

snmptt_conf_files =

<< END

/etc/snmp/trapConf/linkState.conf

/etc/snmp/trapConf/myTrapDef.conf

/etc/snmp/trapConf/anOtherDef.conf

END

Restart the snmptt service:

systemctl restart snmptt

Deploy a service check in ServiceNav

Create a check with the TRAP-Handle template

Every minute, the plugins will read in the * .trap file for the monitored host.

For each new line that appears since the previous check, the plugin will look if it finds one of the patterns set in parameter and return the status accordingly. It is the pattern of the last trap received that will be processed.

Premium WordPress Themes Download
Download Nulled WordPress Themes
Free Download WordPress Themes
Download Nulled WordPress Themes
ZG93bmxvYWQgbHluZGEgY291cnNlIGZyZWU=
download micromax firmware
Download Premium WordPress Themes Free
udemy course download free

UK ServiceNav Product Development Manager; my priority is to be needful of the particular requirements of all ‘English-speaking’ markets where ServiceNav is sold. I have over 20 years experience of the IT monitoring field - covering a wide variety of products and technologies.