NeDi Community

Networking => Management => Topic started by: edouard on July 25, 2011, 12:13:02 PM

Title: Trap configuration with SNMPTRAPD
Post by: edouard on July 25, 2011, 12:13:02 PM
Hello,

Here is my config to make act Traps with NEDI  ???

In /etc/default/snmpd :
   export MIBDIRS=/usr/share/snmp/mibs
   SNMPDRUN=yes
   SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'
   TRAPDRUN=yes
   TRAPDOPTS='-Lsd -p /var/run/snmptrapd.pid'
   SNMPDCOMPAT=yes

in /etc/snmp/snmpd.conf :
   agentAddress  udp:192.168.1.9:161
   rocommunity public  localhost
   rocommunity public  default    -V systemonly
   rocommunity secret  192.168.1.0/24
   ...

In /etc/snmp/snmptrapd.conf :
   authCommunity log,execute,net public
   traphandle      default /opt/nedi/trap.pl

I see : in ps -ef | grep tarp.
   root      4727     1  0 11:05 ?        00:00:01 /usr/sbin/snmptrapd -Lsd -p /var/run/snmptrapd.pid

And with tcpdump - i eth0 | grep trap
   12:09:41.459701 IP 192.168.1.2.1025 > mypc.local.snmp-trap:  C=rec Trap(83)  E:25506.1.8 192.168.1.2 linkUp 34198776 interfaces.ifTable.ifEntry.ifIndex.19=19 interfaces.ifTable.ifEntry.ifAdminStatus.19=1 interfaces.ifTable.ifEntry.ifOperStatus.19=1

Where traps are logged in NEDI ? Where does I found them ?

Does device and community match values to catch them ?

Thanks

Edouard


Title: Re: Trap configuration with SNMPTRAPD
Post by: edouard on July 25, 2011, 02:00:23 PM
I make an error  :-[ , the community from trap doens't match in snmptrapd.conf

I correct this, I tests with logging :

   donotlogtraps false
   logOption f /var/log/snmptraps.log
   authCommunity log,execute,net rec
   traphandle      default /opt/nedi/trap.pl

I see the trap in the file /var/log/snmptraps.log

But nothing in Nedi

Does someone know ?  ???
Title: Re: Trap configuration with SNMPTRAPD
Post by: rickli on July 26, 2011, 08:44:37 PM
add /var/nedi/trap.pl as traphandler and they should show up in events...
Title: Re: Trap configuration with SNMPTRAPD
Post by: edouard on July 28, 2011, 04:43:00 PM
add /var/nedi/trap.pl as traphandler and they should show up in events...

Ok, I correct the config in snmptrapd.conf, this line :

traphandle      default     /usr/bin/perl   /opt/nedi/trap.pl

And it's running well !!!  :D

I've got the traps in "Monitoring" => "Events"

Thanks.

Edouard
Title: Re: Trap configuration with SNMPTRAPD
Post by: rickli on July 28, 2011, 06:03:50 PM
I have to warn you though, it's something I terribly neglected in favour of syslog! trap.pl has some hardcoded oids it recognizes, but that's about it. Of course this could be used as a base in order to develop reactive policies in conjunction with Devsend.pl...something else I never really had time for  ;)
Title: Re: Trap configuration with SNMPTRAPD
Post by: edouard on July 29, 2011, 09:55:37 AM
Ok, Thanks. ;). I need only to catch trap "linkdown" for specific interface or VLAN form switches. No more initially.
Is it anywhere in Nedi something what can let user choice for message in function of OID when trap's OID are unknown ? (for example file like trap.conf where user could write something like : 1.3.6.3.1.4 = "Hello"...)
But traps are defined in switches and routers and more used is "linkdown". Other traps that could interest us are "agregated link down" or "degraded agreg link", "trunkdown" or "spanningtree topology change"... But while Nedi can make it, some switches like 3com Supersatck 3 4400 have it's limits.
Title: Re: Trap configuration with SNMPTRAPD
Post by: redpineapple on February 21, 2012, 06:38:48 PM
Oops, I posted in the wrong spot.

This http://forum.nedi.ch/index.php?topic=1241.msg4490#msg4490 should be here.

I have a large snmptt.conf file that covers most traps from most vendors but it is too large to post.
Title: Re: Trap configuration with SNMPTRAPD
Post by: Basiliss on January 13, 2016, 01:12:07 AM

In /etc/default/snmpd :
   export MIBDIRS=/usr/share/snmp/mibs
   SNMPDRUN=yes
   SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'
   TRAPDRUN=yes
   TRAPDOPTS='-Lsd -p /var/run/snmptrapd.pid'
   SNMPDCOMPAT=yes

in /etc/snmp/snmpd.conf :
   agentAddress  udp:192.168.1.9:161
   rocommunity public  localhost
   rocommunity public  default    -V systemonly
   rocommunity secret  192.168.1.0/24
   ...

In /etc/snmp/snmptrapd.conf :
   authCommunity log,execute,net public
   traphandle      default /opt/nedi/trap.pl


I have configured traps as above and it works, but now I get those cryptic messages like "iso.3.6.1.2.1.1.3.0 244:1:02:57.01, iso.3.6.1.6.3.1.1.4.1.0 iso.3.6.1.6.3.1.1.5.3, iso.3.6.1.2.1.2.2.1.1.10035 10035, iso.3.6.1.2.1.2.2.1.2.10035 FastEthernet1/0/35, iso.3.6.1.2.1.2.2.1.3.10035 6, iso.3.6.1.4.1.9.2.2.1.1.20.10035 down, iso.3.6.1.6... "

Has anyone worked on that part?