Antwort: RE: Cisco router SNMP TRAPs - snmptrapd script ver ification
h.baecker at ecofis.de
h.baecker at ecofis.de
Mon May 10 15:29:56 CEST 2004
Hi there,
Do you have a Nagios Host configured named by "unknown"?
When I am right your handle-cisco-traps script will determine what kind of
trap was received by trapd an then decides which Nagios state and which
output your submit check result will send to the nagios process but your
$hostname is a kind of static, isn't it?
###
read host
hostname="unknown"
....
....
./submit_check_result $hostname ... will ever be submit_check_result
unknown "SNMP Trap" $state $output
####
Did you try to execute the script manually? Like:
./handle-cisco-traps 5 or later
./submit_check_results unknown "SNMP Trap" 1 "All is good" ?
But it is a good idea! Do you know if it is possible to determine the IP
Adress of the trap sending host and take this info through the scripts?
We have got 500 Cisco Routers and the idea with passive Trap Checks is
just very good!
Thanks for the nice idea
Greeting
Hendrik
"Platt, Nicholas" <Nick.Platt at myflorida.com>
Gesendet von: nagios-users-admin at lists.sourceforge.net
10.05.2004 14:07
An
"'nagios-users at lists.sourceforge.net'"
<nagios-users at lists.sourceforge.net>
Kopie
"Radcliffe, David" <david.radcliffe at myflorida.com>
Thema
RE: [Nagios-users] Cisco router SNMP TRAPs - snmptrapd script ver
ification
Hello again:
I was advised to not post things in proprietary format which make sense.
The original message is below. If anyone can help me, it would greatly
appreciated.
-----Original Message-----
From: Platt, Nicholas [mailto:Nick.Platt at myflorida.com]
Sent: Friday, May 07, 2004 7:23 PM
To: 'nagios-users at lists.sourceforge.net'
Cc: Radcliffe, David
Subject: [Nagios-users] Cisco router SNMP TRAPs - snmptrapd script
verification
Hello:
Can anyone look over my scripts in the word attachment and tell why the
"submit_check_result" script is not passing the information to Nagios. It
could be because "handle-cisco-traps" script is not passing the trap
information to "submit_check_result" script. I see the traps showing up
on the iptables firewall as allowed and the sniffer verifies it as well.
I've gone to the extent to documenting all scripts involved in this
process and I was wondering if anyone can help me that has more experience
with snmptrapd. I'm fairly new at this. I want to be able receive
traps from our core and cpe routers so it can set off alarms for various
types of traps. Maybe you can point to more documentation.
Anything in red is what changes I made and on the submit_check_results, I
placed a statement to output the trap information to a log file just for a
test. The log file never gets created because I fee that the script
"submit_check_result" never gets executed. Included in the attachment is
also the sniffer capture. Any help will greatly be appreciated. Thanks
you.
snmptrad
snmptrapd script
#!/bin/bash
# ucd-snmp init file for snmptrapd
#
# chkconfig: - 50 50
# description: Simple Network Management Protocol (SNMP) Trap Daemon
#
# processname: /usr/sbin/snmptrapd
# config: /etc/snmp/snmptrapd.conf
# config: /usr/share/snmp/snmptrapd.conf
# pidfile: /var/run/snmptrapd.pid
#
# source function library
. /etc/init.d/functions
OPTIONS="-s -c /etc/snmp/snmptrapd.conf -C -u /var/run/snmptrapd.pid"
RETVAL=0
prog="snmptrapd"
start() {
echo -n $"Starting $prog: "
daemon /usr/sbin/snmptrapd $OPTIONS
RETVAL=$?
echo
touch /var/lock/subsys/snmptrapd
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc /usr/sbin/snmptrapd
RETVAL=$?
echo
rm -f /var/lock/subsys/snmptrapd
return $RETVAL
}
reload(){
stop
start
}
restart(){
stop
start
}
condrestart(){
[ -e /var/lock/subsys/snmptrapd ] && restart
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
reload
;;
condrestart)
condrestart
;;
status)
status snmptrapd
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|reload}"
RETVAL=1
esac
exit $RETVAL
snmptrapd.conf
# /etc/snmp/snmptrapd.conf
traphandle SNMPv2-MIB::coldStart
/usr/local/nagios/libexec/eventhandlers/handle-cisco-traps 1
traphandle SNMPv2-MIB::warmStart
/usr/local/nagios/libexec/eventhandlers/handle-cisco-traps 2
traphandle IF-MIB::linkDown
/usr/local/nagios/libexec/eventhandlers/handle-cisco-traps 3
traphandle IF-MIB::linkUp
/usr/local/nagios/libexec/eventhandlers/handle-cisco-traps 4
traphandle default
/usr/local/nagios/libexec/eventhandlers/handle-cisco-traps 5
/usr/local/nagios/libexec/eventhandlers/handle-cisco-traps
handle-cisco-traps
#!/bin/sh
#
# This script should handle the traps it will receive
# from the snmptrapd and defined in the snmptrapd.conf
#
read host
hostname="unkown"
ip=`host $host | awk -F" " '{print $3}'
esac
state=-1
output="No Output"
case $1 in
1) output="Critical: Coldstart"
state=2
;;
2) output="Warning: Warmstart"
state=1
;;
3) output="Critical: Link down"
state=2
;;
4) output="Warning: Link up"
state=2
;;
5) output="Warning: Unknown trap"
state=1
# SNMP Trap is the name of the service
/usr/lib/nagios/plugins/eventhandlers/submit_check_result $hostname "SNMP
Trap" $state "$output"
submit_check_result (Nagios)
#!/bin/sh
# SUBMIT_CHECK_RESULT
# Written by Ethan Galstad (nagios at nagios.org)
# Last Modified: 02-18-2002
#
# This script will write a command to the Nagios command
# file to cause Nagios to process a passive service check
# result. Note: This script is intended to be run on the
# same host that is running Nagios. If you want to
# submit passive check results from a remote machine, look
# at using the nsca addon.
#
# Arguments:
# $1 = host_name (Short name of host that the service is
# associated with)
# $2 = svc_description (Description of the service)
# $3 = return_code (An integer that determines the state
# of the service check, 0=OK, 1=WARNING, 2=CRITICAL,
# 3=UNKNOWN).
# $4 = plugin_output (A text string that should be used
# as the plugin output for the service check)
#
echocmd="/bin/echo"
CommandFile="/usr/local/nagios/var/rw/nagios.cmd"
# get the current date/time in seconds since UNIX epoch
datetime=`date +%s`
# create the command line to add to the command file
cmdline="[$datetime] PROCESS_SERVICE_CHECK_RESULT;$1;$2;$3;$4"
# append the command to the end of the command file
`$echocmd $cmdline >> $CommandFile`
#`$echocmd $cmdline >> /backup/snmp-trap-test.log`
Sniffer Capture Packet
Frame 1 (211 bytes on wire, 211 bytes captured)
Ethernet II, Src: 00:0e:d7:74:cc:d1, Dst: 00:b0:d0:32:7a:7c
Internet Protocol, Src Addr: 192.168.24.60 (192.168.24.60), Dst Addr:
192.168.24.58 (192.168.24.58)
User Datagram Protocol, Src Port: 53914 (53914), Dst Port: snmptrap (162)
Simple Network Management Protocol
Version: 2C (1)
Community: test
PDU type: TRAP-V2 (7)
Request Id: 0x00000002
Error Status: NO ERROR (0)
Error Index: 0
Object identifier 1: 1.3.6.1.2.1.1.3.0 (iso.3.6.1.2.1.1.3.0)
Value: Timeticks: (212951) 0:35:29.51
Object identifier 2: 1.3.6.1.6.3.1.1.4.1.0 (iso.3.6.1.6.3.1.1.4.1.0)
Value: OID: iso.3.6.1.6.3.1.1.5.3
Object identifier 3: 1.3.6.1.2.1.2.2.1.1.1 (iso.3.6.1.2.1.2.2.1.1.1)
Value: INTEGER: 1
Object identifier 4: 1.3.6.1.2.1.2.2.1.2.1 (iso.3.6.1.2.1.2.2.1.2.1)
Value: STRING: "Ethernet0"
Object identifier 5: 1.3.6.1.2.1.2.2.1.3.1 (iso.3.6.1.2.1.2.2.1.3.1)
Value: INTEGER: 6
Object identifier 6: 1.3.6.1.4.1.9.2.2.1.1.20.1
(iso.3.6.1.4.1.9.2.2.1.1.20.1)
Value: STRING: "administratively down"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20040510/369b2af0/attachment.html>
More information about the Users
mailing list