Show some LOVE, LIKE our page :)

Sunday, November 8, 2009

Nagios Receive SNMP Traps (with SNMPTT)

SNMPTT (SNMP Trap Translator) interacts with snmptrapd to receive traps and process them into Nagios by matching the IP of the trapping host to a host in Nagios and changing a passive check in Nagios to alert someone.

In the below guide:

[APC-UPS] –>send traps to–> [SNMPTRAPD –> SNMPTT –> NAGIOS]

clip_image001

Here’s a simple guide, adapted and made much more cut and dry (and a little more simpler) from the guide found here.

We use Nagios 3.20, SNMPTT 1.3beta2, Debian Lenny (5). This below is fully tested based on Daniel’s script for installing Nagios 3.20 found here.

As usual, your feedback will mean a lot to us. Thanks!

Sanjay.

Download some pre-reqs
=======================

Main component is SNMP (and some snmp tools) so do this at the CLI

apt-get install snmp snmpd libsnmp-dev

SNMPTT setup starts
===================

1) apt-get install unzip

2) cd /usr/src

3) wget http://search.cpan.org/CPAN/authors/id/C/CH/CHORNY/Text-ParseWords-3.27.zip

4) unzip Text-ParseWords-3.27.zip

5) cd Text-ParseWords-3.27

6) perl Makefile.PL

7) make test

8) make install

9) perl -MCPAN -e shell

At the Perl CLI
install YAML
install Getopt::Long
install Config::IniFiles
install Time::HiRes
install Sys::Hostname
install Text::Balanced
install Sys::Syslog
install DBI
install DBD::mysql
install Crypt::DES
install Digest::MD5
install Digest::SHA1
install Digest::HMAC
install Net::SNMP

Download, install and configure snmptt (the magician)
=====================================================

10) cd /usr/src

11) wget http://downloads.sourceforge.net/project/snmptt/snmptt/snmptt_1.3beta2/snmptt_1.3beta2.tgz?use_mirror=nchc

12) tar -zxvf snmptt_1.3beta2.tgz

13) cd snmptt_1.3beta2

14) cp snmptthandler /usr/sbin

15) cp snmptt /usr/sbin

16) cp snmpttconvert /usr/sbin

17) cp snmpttconvertmib /usr/sbin

Configure snmptrapd to not log but send them to snmptt
======================================================
18) nano /etc/snmp/snmptrapd.conf

19) Enter the following lines in there

traphandle default /usr/sbin/snmptt
disableAuthorization yes
donotlogtraps yes

Configure and enable the snmptrapd as a service
===============================================
20a) nano /etc/default/snmpd and /etc/init.d/snmpd

TRAPDRUN=yes
TRAPDOPTS='-On -Lsd -p /var/run/snmptrapd.pid'

20b) /etc/init.d/snmpd start

21) netstat -an | grep "162"
>> Should see output

22) cd usr/src/snmptt_1.3beta2

23) cp snmptt.ini /etc/snmp

24) nano /etc/snmp/snmptt.ini, look for and change the following settings

net_snmp_perl_enable = 1
dns_enable=1

25) cd /usr/src/nagios-plugins-1.4.13/

26) mkdir /usr/local/nagios/libexec/eventhandlers

27) cd /usr/local/nagios/libexec/eventhandlers

28) wget http://www.intuitinnovations.com/nagios/download312/submit_check_result

29) chmod +x submit_check_result

TESTING - Create sample to test
===============================
30) cd /usr/share/snmp/mibs
31) wget
http://www.intuitinnovations.com/nagios/download312/PowerNet-MIB.mib

32) snmpttconvertmib --in=PowerNet-MIB.mib --out=/etc/snmp/snmptt.conf.apcpower --exec='/usr/local/nagios/libexec/eventhandlers/submit_check_result $r TRAP 1'

Here, the line above, you can change TRAP to any name as long as it matches the Service name in Nagios and 1 is the alert type, 0=OK, 1=WARNING, 2=CRITICAL etc..

33) nano /etc/snmp/snmptt.ini

add the /etc/snmp/snmptt.conf.cpqpower in [TrapFiles], comment out snmptt.conf
Example: Here we added /etc/snmp/snmptt.conf.apcpower based on the snmpttconvertmib outputfile like above

[TrapFiles]
snmptt_conf_files = <<END
/etc/snmp/snmptt.conf.apcpower
END

Enable log rotation
=======================
34) nano /etc/logrotate.conf
This is for log rotation. Add the following line at the end

/var/log/snmp/snmptt.log /var/log/snmp/snmpttunknown.log
{
missingok
}

35) mkdir /var/log/snmptt

36) touch /var/log/snmptt/snmptt.log

37) touch /var/log/snmptt/snmpttunknown.log

Configuring hosts file
=======================
Traps send IP not name, so we must configure /etc/hosts to add the name and ip of the device sending traps to us

38) nano /etc/hosts

Add the following as sample

192.168.1.11 sanjaypc

>> Important! This name will be the same as your hosts.cfg file in nagios that will receive the traps

Send a sample trap: - Load the same MIBs into a program like ireasoning and send a trap to your nagios IP
=======================================================

39) tail -f /var/log/snmptt/snmptt.log
Sun Nov 8 09:09:11 2009 .1.3.6.1.4.1.318.0.5 WARNING "Status Events" 192.168.157.1 - APC UPS: On battery: The UPS has switched to battery backup power.

40) tail -f /var/log/messages --- Output (after configuring Nagios settings below - or at least have a host/service defined that matches sanjaypc and TRAP)
Nov 8 09:09:20 server1 nagios: PASSIVE SERVICE CHECK: sanjaypc;TRAP;1;APC UPS: On battery: The UPS has switched to battery backup power.

Configuring Nagios- Sample definitions
=====================================

trap-service template
=====================================

define service{
name generic-service
register 0
check_period 24x7
max_check_attempts 3
normal_check_interval 15
retry_check_interval 5
active_checks_enabled 1
passive_checks_enabled 0
parallelize_check 1
obsess_over_service 0
check_freshness 0
event_handler_enabled 0
flap_detection_enabled 0
process_perf_data 1
retain_status_information 1
retain_nonstatus_information 1
notification_interval 60
notification_period 24x7
notification_options w,u,c,r
notifications_enabled 1
}

define service{
name trap-service
use generic-service
register 0
service_description TRAP
is_volatile 1
check_command check-host-alive
max_check_attempts 1
normal_check_interval 1
retry_check_interval 1
passive_checks_enabled 1
check_period none
notification_interval 0
contact_groups admins
}

Create service to host - NOTE: Hostname must match to /etc/hosts definition we created earlier
==================================================

define service{
host_name sanjaypc
use trap-service
contact_groups admins
}

41) Restart nagios

42) Send a trap again and check Nagios website, it should turn yellow [WARNING] and a notificaiton sent out

6 comments:

depression said...

SNMPTT interacts with snmptrapd to receive traps and process them into Nagios by matching the IP of the trapping host to a host in Nagios and changing a passive check in Nagios to alert someone.

ami said...

GOOD!!!.......................................................................................

Mukund Parmar said...

is it work with RHEL 6
because that i m try it in RHEL6 but some command like install DBI not give a some output ok like skipped some SQL stetments so
mukund parmar

Mukund Parmar said...


working with RHEL 6 ?

i tryid it but giving me some output during install DBI cmd give me a output like skipped SQL stetmnets so
thanks in advance

Shankar Patel said...

How to perform this task?

"Send a sample trap: - Load the same MIBs into a program like ireasoning and send a trap to your nagios IP "

Francisco Gomez Leo said...

Could you explain me what code has net_snmp_perl_enable ?

thanks