hi, i'm trying to get snmptt working but i have no success. The trap receiver snmptrapd is running and he receives traps:
Nagios 3rc3 NagTrap Version 0.1.2: MySQL 5.x ps ax | grep snmp 6493 ?? Ss 0:00.69 snmptrapd -Lf /var/log/snmptt.debug -On -C -c /usr/local/share/snmp/snmpd.conf my snmpd.conf looks like: ##### disableAuthorization yes traphandle default /usr/local/sbin/snmptt ini=/usr/local/etc/snmptt.ini ##### and now the snmptt.ini ##### [General] snmptt_system_name = logserver mode = standalone multiple_event = 1 dns_enable = 0 strip_domain = 0 strip_domain_list = <<END domain.com END resolve_value_ip_addresses = 0 net_snmp_perl_enable = 1 net_snmp_perl_best_guess = 0 translate_log_trap_oid = 0 translate_value_oids = 1 translate_enterprise_oid_format = 1 translate_trap_oid_format = 1 translate_varname_oid_format = 1 translate_integers = 1 wildcard_expansion_separator = " " allow_unsafe_regex = 0 remove_backslash_from_quotes = 0 dynamic_nodes = 0 description_mode = 0 description_clean = 1 threads_enable = 0 threads_max = 10 [DaemonMode] daemon_fork = 1 daemon_uid = pid_file = /var/run/snmptt.pid spool_directory = /var/spool/snmptt/ sleep = 5 use_trap_time = 1 keep_unlogged_traps = 1 [Logging] stdout_enable = 1 log_enable = 1 log_file = /var/log/snmptt.log log_system_enable = 1 log_system_file = /var/log/snmpttsystem.log unknown_trap_log_enable = 1 unknown_trap_log_file = /var/log/snmpttunknown.log statistics_interval = 0 syslog_enable = 1 syslog_facility = local0 syslog_level_debug = <<END END syslog_level_info = <<END END syslog_level_notice = <<END END syslog_level_warning = <<END END syslog_level_err = <<END END syslog_level_crit = <<END END syslog_level_alert = <<END END syslog_level = warning syslog_system_enable = 1 syslog_system_facility = local0 syslog_system_level = warning [SQL] db_translate_enterprise = 0 db_unknown_trap_format = '$-*' sql_custom_columns = <<END END sql_custom_columns_unknown = <<END END mysql_dbi_enable = 1 mysql_dbi_host = datenbankserver mysql_dbi_port = 3306 mysql_dbi_database = snmptt mysql_dbi_table = snmptt mysql_dbi_table_unknown = snmptt_unknown mysql_dbi_table_statistics = mysql_dbi_username = snmpttuser mysql_dbi_password = snmpttpass mysql_ping_on_insert = 1 mysql_ping_interval = 300 [Exec] exec_enable = 1 pre_exec_enable = 1 unknown_trap_exec = unknown_trap_exec_format = exec_escape = 1 [Debugging] DEBUGGING = 2 DEBUGGING_FILE = /var/log/snmptt.debug DEBUGGING_FILE_HANDLER = /var/log/snmptthandler.debug [TrapFiles] snmptt_conf_files = <<END /etc/snmp/snmptt.conf END ###### you can see, we use mysql, cause of NagTrap. Here you can see the MIB: http://pastebin.com/m4b101454 and i converted it with the snmpttmibconverter: ./snmpttconvertmib --in=asc.mib --out=snmptt.conf --net_snmp_perl /etc/snmp/snmptt.conf ##### MIB: ASC-SNMP-MIB-EXT (file:./asc.mib) converted on Fri Mar 7 13:01:25 2008 using snmpttconvertmib v1.2 # # # EVENT ascEvoNotif .1.3.6.1.4.1.4063.2.1.1.1 "Status Events" Normal FORMAT RecorderID: $1 SDESC RecorderID: %s Hostname Module: %s Type: %s Code: %s Number: %s Opened: %s Updated: %s Closed: %s Text: %s Close Comment: %s Variables: 1: ascEvoSystemID Syntax="OCTETSTR" Descr="System ID, this is the unique recorder ID" 2: ascEvoSystemName Syntax="OCTETSTR" Descr="System name, the hostname of the recorder" 3: ascEvoModuleName Syntax="OCTETSTR" Descr="Module name, the process which caused the message" 4: ascEvoErrType Syntax="OCTETSTR" Descr="Error type LOG_ERROR, LOG_WARNING, LOG_INFO, LOG_AUDIT" 5: ascEvoErrCode Syntax="OCTETSTR" Descr="Error code" 6: ascEvoErrUniqueID Syntax="OCTETSTR" Descr="Unique error counter" 7: ascEvoErrOpenTime Syntax="OCTETSTR" Descr="Error opened time" 8: ascEvoErrUpdateTime Syntax="OCTETSTR" Descr="Error updated time is the same as ascEvoOpenTime on first occurence" 9: ascEvoErrCloseTime Syntax="OCTETSTR" Descr="Error closed time if closed else empty" 10: ascEvoErrText Syntax="OCTETSTR" Descr="Error text as an additional description" 11: ascEvoErrCloseComment Syntax="OCTETSTR" Descr="Error close comment if closed else empty" EDESC ##### someone from a german portal (nagios-portal.de) says, that is looks quite strange ... the unknowntrap.log shows something like: ######## Mon Mar 10 10:17:38 2008: Unknown trap (.1.3.6.1.4.1.4063.2.1.2) received from asc2.foo.com at: Value 0: asc2.foo.com Value 1: 16.24.37.23 Value 2: 10:19:18:29.24 Value 3: .1.3.6.1.4.1.4063.2.1.2 Value 4: 16.24.37.23 Value 5: Value 6: Ent Value 0: .1.3.6.1.4.1.4063.2.1.2.1=5175771137 Ent Value 1: .1.3.6.1.4.1.4063.2.1.2.2=evolution Ent Value 2: .1.3.6.1.4.1.4063.2.1.2.3=IASAPISV Ent Value 3: .1.3.6.1.4.1.4063.2.1.2.4=LOG_AUDIT Ent Value 4: .1.3.6.1.4.1.4063.2.1.2.5=USER_SOFTWARE_START Ent Value 5: .1.3.6.1.4.1.4063.2.1.2.6=1001 Ent Value 6: .1.3.6.1.4.1.4063.2.1.2.7=2008/03/10 10:15:36,137 Ent Value 7: .1.3.6.1.4.1.4063.2.1.2.8=2008/03/10 10:15:36,137 Ent Value 8: .1.3.6.1.4.1.4063.2.1.2.9=2008/03/10 10:17:37,698 Ent Value 9: .1.3.6.1.4.1.4063.2.1.2.10=Local User 1 is executing POWERplay Ent Value 10: .1.3.6.1.4.1.4063.2.1.2.11=7.00.54 Mon Mar 10 10:19:27 2008: Unknown trap (.1.3.6.1.4.1.4063.2.1.2) received from asc2.foo.com at: Value 0: asc2.foo.com Value 1: 16.24.37.23 Value 2: 10:19:20:18.51 Value 3: .1.3.6.1.4.1.4063.2.1.2 Value 4: 16.24.37.23 Value 5: Value 6: Ent Value 0: .1.3.6.1.4.1.4063.2.1.2.1=5175771137 Ent Value 1: .1.3.6.1.4.1.4063.2.1.2.2=evolution Ent Value 2: .1.3.6.1.4.1.4063.2.1.2.3=IASAPISV Ent Value 3: .1.3.6.1.4.1.4063.2.1.2.4=LOG_AUDIT Ent Value 4: .1.3.6.1.4.1.4063.2.1.2.5=USER_LOGIN Ent Value 5: .1.3.6.1.4.1.4063.2.1.2.6=1000 Ent Value 6: .1.3.6.1.4.1.4063.2.1.2.7=2008/03/10 10:15:24,032 Ent Value 7: .1.3.6.1.4.1.4063.2.1.2.8=2008/03/10 10:15:24,032 Ent Value 8: .1.3.6.1.4.1.4063.2.1.2.9=2008/03/10 10:19:26,804 Ent Value 9: .1.3.6.1.4.1.4063.2.1.2.10=User Login for 1 at PORTAL Ent Value 10: .1.3.6.1.4.1.4063.2.1.2.11=Logout ######### if i test to translate, it works: snmptranslate .1.3.6.1.4.1.4063.2.1.2 ASC-SNMP-MIB-EXT::ascEvoObj so, why are these traps unknown? any suggestions? cu denny -- Stoppt den Überwachungswahn - Stoppt den Schäuble Katalog: http://www.nopsis.de
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null