SNMPv3 context feature not working? 2.3.0p17

Hello community,

I’d like to ask if anyone had any success in developing a plugin with the new API using snmpv3 contexts?

I’ve created a SimpleSNMPSection and a rule for it to poll it with multiple snmp contexts. When debugging in I can see BULKWALK is executed multiple times with different data retrieved, however the second and later walks have a remark Duplicate OID found.
In the end the parser gets called only once, with data from the first context only.

Any ideas?

Update: It seems like the discovery mechanism works with snmp contexts now. If I create a rule with contexts the discovered item is different. However the same issue remains, the data from the second and later contexts are not pushed for discovery.

It seems to be a bug, would appreciate if anyone could confirm this behaviour.

To confirm this behavior it would be helpful to know what type of device you try to query and what check (code) is used.

I’m trying to monitor Check Point VSX firewalls (R81.x) in virtual system mode for CPU usage of individual virtual systems. Manual SNMP walking works just fine.

The code is as follows:

from cmk.agent_based.v2 import (
    CheckPlugin,
    check_levels,
    equals,
    contains,
    Service,
    SimpleSNMPSection,
    SNMPSection,
    SNMPTree,
    State,
    Result,
    any_of
)
from cmk.utils import debug

def parse_checkpoint_vsx_cpu(string_table):
    if debug.enabled():
        print("PARSE:", string_table)

    parsed_data = {
        "vs_name": string_table[0][0][0],   
        "vs_id": string_table[0][0][1],
        "vs_type": string_table[0][0][2],
        "vs_procs": {},
        "vs_cpu_usage": 0,
    }
    for proc in string_table[1]:
        parsed_data['vs_procs'].update({
            proc[0]: {
                "proc_cpu_usage": int(proc[1])
            }
        })
        parsed_data["vs_cpu_usage"] += int(proc[1])

    if debug.enabled():
        print("PARSED:", parsed_data)
    return parsed_data

def discover_checkpoint_vsx_cpu(section):
    if debug.enabled():
        print("DISCOVERY:")
        print("Item:", section["vs_name"])

    yield Service(item=section["vs_name"])

def check_checkpoint_vsx_cpu(item, params, section):
    if debug.enabled():
        print("CHECK:", item)
        print("PARAMS:", params)
        print("SECTION:", section)

    if section and item == section["vs_name"]:
        yield Result(state=State.OK, summary=f"Usage: {section["vs_cpu_usage"]}")


snmp_section_checkpoint_vsx_cpu = SNMPSection(
    name = "checkpoint_vsx_cpu",
    parse_function = parse_checkpoint_vsx_cpu,
    detect = any_of(
        contains(".1.3.6.1.4.1.2620.1.6.21.2.0", "Virtual"), # vdType contains Virtual
        equals(".1.3.6.1.4.1.2620.1.6.21.2.0", "VSX Gateway") # vdType = VSX Gateway
    ),
    fetch = [
        SNMPTree(
            base=".1.3.6.1.4.1.2620.1.6.21", # svnVsxInfo
            oids=[
                "1",    # vdName
                "3",    # ctxId
                "2",    # vdType
            ]
        ),
        SNMPTree(
            base=".1.3.6.1.4.1.2620.1.1.31.1.1", # fwInstancesCPU
            oids=[
                "1",    # fwInstancesCPUInstanceName
                "2",    # fwInstancesCPUUsage
            ]
        ),
    ]
)

check_plugin_checkpoint_vsx_cpu = CheckPlugin(
    name = "checkpoint_vsx_cpu",
    service_name = "VSX System %s CPU",
    discovery_function = discover_checkpoint_vsx_cpu,
    check_function = check_checkpoint_vsx_cpu,
    check_default_parameters = {},
)

The context rule is setup like this:

image1551×347 33.5 KB

You can see directly what is used as context from CMK if you do a “cmk --debug -vvI hostname”. With enterprise edition you need to change the SNMP backend to the classic one to see the complete call with context included.

Thanks for the hint with classic snmp. Here are the debug logs. Hostname, username, ip address replaced for dummy ones. As I said, the snmpwalks are being executed for the different context however the results of the second and later contexts seem to be discarded as duplicate OIDs…

cmk --debug --snmp-backend classic -vvI --plugins checkpoint_vsx_cpu hostname0
...
checkpoint_vsx_cpu: Fetching data (SNMP walk cache cleared)
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid1 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.6.21.1'
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid2 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.6.21.1'
Duplicate OID found: .1.3.6.1.4.1.2620.1.6.21.1.0 (b'hostname2')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid3 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.6.21.1'
Duplicate OID found: .1.3.6.1.4.1.2620.1.6.21.1.0 (b'hostname3')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid4 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.6.21.1'
Duplicate OID found: .1.3.6.1.4.1.2620.1.6.21.1.0 (b'hostname4')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid1 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.6.21.3'
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid2 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.6.21.3'
Duplicate OID found: .1.3.6.1.4.1.2620.1.6.21.3.0 (b'2')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid3 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.6.21.3'
Duplicate OID found: .1.3.6.1.4.1.2620.1.6.21.3.0 (b'3')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid4 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.6.21.3'
Duplicate OID found: .1.3.6.1.4.1.2620.1.6.21.3.0 (b'4')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid1 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.6.21.2'
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid2 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.6.21.2'
Duplicate OID found: .1.3.6.1.4.1.2620.1.6.21.2.0 (b'Virtual Switch')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid3 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.6.21.2'
Duplicate OID found: .1.3.6.1.4.1.2620.1.6.21.2.0 (b'Virtual System')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid4 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.6.21.2'
Duplicate OID found: .1.3.6.1.4.1.2620.1.6.21.2.0 (b'Virtual System')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid1 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.1.31.1.1.1'
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid2 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.1.31.1.1.1'
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.1.0 (b'fwk2_dev_0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.2.0 (b'jemalloc_bg_thd')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.3.0 (b'fwk2_kissd')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.4.0 (b'fwk2_0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.5.0 (b'fwk2_hp')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.6.0 (b'fwk2_service')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid3 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.1.31.1.1.1'
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.1.0 (b'fwk3_dev_0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.2.0 (b'jemalloc_bg_thd')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.3.0 (b'fwk3_kissd')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.4.0 (b'fwk3_0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.5.0 (b'fwk3_1')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.6.0 (b'fwk3_hp')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid4 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.1.31.1.1.1'
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.1.0 (b'fwk4_dev_0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.2.0 (b'jemalloc_bg_thd')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.3.0 (b'fwk4_kissd')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.4.0 (b'fwk4_0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.5.0 (b'fwk4_1')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.6.0 (b'fwk4_hp')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.7.0 (b'fwk4_service')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.1.8.0 (b'fwk4_dev_1')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid1 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.1.31.1.1.2'
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid2 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.1.31.1.1.2'
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.1.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.2.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.3.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.4.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.5.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.6.0 (b'0')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid3 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.1.31.1.1.2'
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.1.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.2.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.3.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.4.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.5.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.6.0 (b'0')
Running 'snmpbulkwalk -Cr10 -v3 -l authPriv -a SHA-512 -u username -A authpass -x AES -X privpass -m "" -M "" -t 60.00 -r 3 -n ctxname_vsid4 -Cc -OQ -OU -On -Ot X.X.X.X .1.3.6.1.4.1.2620.1.1.31.1.1.2'
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.1.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.2.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.3.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.4.0 (b'1')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.5.0 (b'1')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.6.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.7.0 (b'0')
Duplicate OID found: .1.3.6.1.4.1.2620.1.1.31.1.1.2.8.0 (b'0')
...
[cpu_tracking] Stop [7ffb1cff3560 - Snapshot(process=posix.times_result(user=0.41999999999999993, system=0.10000000000000009, children_user=6.8, children_system=1.41, elapsed=9.790000000037253))]
  Source: SourceInfo(hostname='hostname0', ipaddress='X.X.X.X', ident='piggyback', fetcher_type=<FetcherType.PIGGYBACK: 4>, source_type=<SourceType.HOST: 1>)
[cpu_tracking] Start [7ffb1d1102f0]
Read from cache: NoCache(hostname0, path_template=/dev/null, max_age=MaxAge(checking=0.0, discovery=0.0, inventory=0.0), simulation=False, use_only_cache=False, file_cache_mode=1)
No piggyback files for 'hostname0'. Skip processing.
No piggyback files for 'X.X.X.X'. Skip processing.
Get piggybacked data
[cpu_tracking] Stop [7ffb1d1102f0 - Snapshot(process=posix.times_result(user=0.010000000000000231, system=0.010000000000000009, children_user=0.0, children_system=0.0, elapsed=0.0))]
+ PARSE FETCHER RESULTS
  HostKey(hostname='hostname0', source_type=<SourceType.HOST: 1>)  -> Add sections: ['checkpoint_connections', 'checkpoint_fan', 'checkpoint_firewall', 'checkpoint_ha_problems', 'checkpoint_ha_status', 'checkpoint_memory', 'checkpoint_packets', 'checkpoint_powersupply', 'checkpoint_svn_status', 'checkpoint_temp', 'checkpoint_tunnels', 'checkpoint_voltage', 'checkpoint_vpn_tunnels', 'checkpoint_vsx_cpu', 'checkpoint_vsx_system', 'dell_om_disks', 'dell_om_esmlog', 'dell_om_fans', 'dell_om_mem', 'dell_om_power', 'dell_om_processors', 'dell_om_sensors', 'hr_cpu', 'hr_fs', 'hr_ps', 'if', 'if64', 'inv_if', 'snmp_info', 'snmp_uptime', 'ucd_cpu_load', 'ucd_diskio']
  HostKey(hostname='hostname0', source_type=<SourceType.HOST: 1>)  -> Add sections: []
Received no piggyback data
+ ANALYSE DISCOVERED HOST LABELS
PARSE: [[['hostname1', '1', 'Virtual Switch']], [['fwk1_dev_0', '0'], ['jemalloc_bg_thd', '0'], ['fwk1_kissd', '0'], ['fwk1_0', '0'], ['fwk1_hp', '0'], ['fwk1_service', '0'], ['fwk3_service', '0'], ['fwk3_dev_1', '0']]]
PARSED: {'vs_name': 'hostname1', 'vs_id': '1', 'vs_type': 'Virtual Switch', 'vs_procs': {'fwk1_dev_0': {'proc_cpu_usage': 0}, 'jemalloc_bg_thd': {'proc_cpu_usage': 0}, 'fwk1_kissd': {'proc_cpu_usage': 0}, 'fwk1_0': {'proc_cpu_usage': 0}, 'fwk1_hp': {'proc_cpu_usage': 0}, 'fwk1_service': {'proc_cpu_usage': 0}, 'fwk3_service': {'proc_cpu_usage': 0}, 'fwk3_dev_1': {'proc_cpu_usage': 0}}, 'vs_cpu_usage': 0}
Trying host label discovery with: checkpoint_connections, checkpoint_fan, checkpoint_firewall, checkpoint_ha_problems, checkpoint_ha_status, checkpoint_memory, checkpoint_packets, checkpoint_powersupply, checkpoint_svn_status, checkpoint_temp, checkpoint_tunnels, checkpoint_voltage, checkpoint_vpn_tunnels, checkpoint_vsx_cpu, checkpoint_vsx_system, dell_om_disks, dell_om_esmlog, dell_om_fans, dell_om_mem, dell_om_power, dell_om_processors, dell_om_sensors, hr_cpu, hr_fs, hr_ps, if64, inv_if, snmp_info, snmp_uptime, ucd_cpu_load, ucd_diskio
Trying host label discovery with: 
SUCCESS - Found no new host labels
+ ANALYSE DISCOVERED SERVICES
+ EXECUTING DISCOVERY PLUGINS (1)
  Trying discovery with: checkpoint_vsx_cpu
DISCOVERY:
Item: hostname1
SUCCESS - Found no new services
OMD[test]:~$ 

That looks more like a real bug - you can crosscheck with the latest 2.3 if it behaves the same way. If yes you can write to the feedback address or open a support case.

Here a better description for the topic would be “Multiple SNMPv3 context don’t work.”

I’ve tested with the latest check_mk version. The behaviour is the same.
Also had an idea to configure a seperate rule with a single context id defined, but it is just simply simply ignored and not even a bulkwalk is performed.

I’m considering opening a support case for this if mgmt approves the possible costs in our company.

Sharing the info I’ve got via a support case:

“…same OIDs for different contexts are not supported to be handled for the same host.
For different contexts (providing the same OIDs) you’d need to have the same host (more “the same IP”, as hostname must be unique) multiple times and request the different contexts for the different hosts.”

FYI / for others: The snmp context generally works, I had used this with Cisco ACI, but there we also adressed the different instances via different management IPs and/or VRFs