Snmp traps from distributed node

We are running a distributed setup and one of our distributed nodes receives snmp traps.
We want these traps to be forwarded to our central node and then send out as alerts via email.

How do you do this?
We have set Notification spooling to “Forward to remote site by notification spooler” on the distributed node but nothing is forwarded to central node.

Is there anything else that needs to be setup to get it working?

Best regards
Daniel

How does the setting for the event console looks like for these traps?
The event console on the slave node must create a “monitoring notification” and this notification then can be forwarded to the central site.


Its checked on the rule under Event console

Note that we manage everything from the central node and then the configuration is pushed out to the distributed nodes. Is there any setting you have to do on the central node?

Now you have to inspect if the generated notification is processed correctly on the slave.
For this you need to activate the config on the slave and you can use the analysis function of the notification configuration. This must be done on the slave as you only see there the generated notifications.

You mean activate WATO on the slave node?

Yes to inspect the notifications there you must activate WATO.

Checked the notification dashboard on the slave node and we can see regular host/service notifications but none of the snmp traps.

If we check the mkeventd.log on the slave node we can see that the snmp traps are received.
Is there any other setting that we should look at? Under the ruleset or somewhere else.

Also is there any difference in setup between version 1.6 and 2.0?

In your event console rule you have the option.


Actions → Send monitoring notification
Or not?

Its checked on the rule.

Then you should see the event that it is generated inside the mkeventd there and you should see a notification that will be processed inside the notification system.

We have done some troubleshooting and have found the problem.
The rule is setup so it matches OID via regexp but after updating to 2.0 its seems that checkmk for whatever reason adds b’ so the regexp doesnt match anymore.

For example this one.
It adds b’ before community and timestamp

Uptime: 147 d, 1.3.6.1.6.3.18.1.3.0: 10.145.37.141, 1.3.6.1.6.3.18.1.4.0: b’public’, 1.3.6.1.6.3.1.1.4.3.0: 1.3.6.1.4.1.14867.1.1.2.1, 1.3.6.1.4.1.14867.1.1.2.2.1: b’257741’, 1.3.6.1.4.1.14867.1.1.2.2.2: b’Mon Oct 25 10:18:01 2021’,

Is this a bug?

@andreas-doehler Can confirm its a bug in python
/omd/versions/2.0.0p12.cee/lib/python3/cmk/ec/snmp.py is missing the following
val = value._value.decode(“utf-8”)

Its default in python2 but not python3
One of my colleagues did a patchfile that fixes this

— /omd/versions/2.0.0p12.cee/lib/python3/cmk/ec/snmp.py.orig 2021-10-05 09:21:07.000000000 +0200
+++ /omd/versions/2.0.0p12.cee/lib/python3/cmk/ec/snmp.py 2021-10-25 14:28:03.509899072 +0200
@@ -240,7 +240,7 @@
elif value.class.name == ‘TimeTicks’:
val = str(cmk.utils.render.Age(float(value._value) / 100))
else:

  •            val = value._value
    
  •            val = value._value.decode("utf-8")
    
           # Translate some standard SNMPv2 oids
           if key == '1.3.6.1.2.1.1.3.0':

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.