Interpret SNMP Traps

Hi everyone,

I would actually like to avoid traps, since it can be needed at times, I am currently familiarizing myself with the event console. So far everything works, I receive the traps from our Kentix or MessPC Temp sensors. Here there is the possibility to make a pull, but for testing/practice I play here temporarily with traps.

Now I’m still a bit inexperienced when it comes to the traps, unfortunately I don’t quite understand how I should interpret the data (make services out of it, etc.), the manual indicates it requires many rules? There are even checks for Kentix and Messpc, at least I can find some in the catalog and documentation of the check plugins

Now I have uptime and a list of numbers in my event console, how can I read the temperatures or the data from other applications, it probably has to do with translateing the OID?

I can’t find anything in the Rules and Host configs, nor anything about the integrations, maybe I’m a bit on the hose… :confused:

Thanks for any help!!!

First, ensure your site is configured to accept incoming traps. Log onto the site via SSH and run omd config. Drill down to Addins and ensure MKEVENTD and MKEVENTD_SNMPTRAP options are both on.

Create a single event console rule and call it something like “SNMP_Unhandled” as a catch-all for any SNMP traps that your system might receive and that are not handled elsewhere. Later, when you create more meaningful EC rules, keep this one at the bottom of the list and never delete it. In the Matching Criteria section, match syslog facility: snmptrap. In the Outcomes & Actions section, make the rule type “Normal operation - process message according to action settings”; State: UNKNOWN.

Don’t worry about uploading MIB files at this stage but in Event Console Settings, SNMP Traps section, change the Translate SNMP traps option to “Translate SNMP traps using the available MIBs”. You will also need to declare the SNMP credentials (aka community string) here.

Save the changes and try sending a trap to your Check_MK server. Navigate to Recent Event History and see if anything has been captured. What you see will give you a good insight as to what is being received, how it is translated and how to make sense of the data.

2 Likes

Check plugins use data fetched from an SNMP agent on the device. They have nothing to do with handling SNMP traps in the Event Console.

2 Likes

My personal preference would be to use continuous monitoring, such as suggested by r.sander, to overcome the fire-and-forget nature of SNMP traps. You are at liberty to use both methods but at the risk of duplicating alerts.

1 Like

thanks for your help guys, sadly i cant get the Kentix Multisensors working. From what I read those should be supported.

I switched to use the pull instead of traps. I added the Kentix Multisensors as Host and snmp is configured and active on those. When i do connections tests everything seems fine, snmp and ping are green, it reads data. When I want to do the Service detection I get the issue SNMP scan failed: Cannot fetch system object OID .1.3.6.1.2.1.1.2.0.

So ive read and read and activated the rule “Hosts without system description OID” - now the scan works but i only get 2 services - uptime and info. So i assume there is something missing… I even installed the mkp from the cmk-exchange plattform someone made for kentix, but nothing. I cant find any more information about this but on the official site says Kentix Sensors should be supported. Anyone knows what could be wrong?

Have you tried this extension: Checkmk Exchange ?

hi r.sander! yes, I installed exactly this mkp (version 2.X). I think the FW of our Kentix Multisensor is to old and the oids changed maybe. I will do an update first and check