Re: [omd-users] Where i can see incoming smmp Traps in OMD ?
Switch on "Debug Rule Execution" for mkeventd and check the debug log files. <firesk...@web.de> schrieb am Do., 2. März 2017 um 15:36 Uhr: > Hello Andreas, > > The command : "lsof -i :162 " > > Ouptputs the following Lines: > > COMMANDPID USER FD TYPE DEVICE SIZE/OFF NODE NAME > mkeventd 25325 SBA28u IPv4 6022201 0t0 UDP *:snmp-trap > > So i think the Trap Deamon is running. > > I've made some tests with with the tools from ireasoning browser: > http://ireasoning.com/mibbrowser.shtml > > 1. Trigger the OW-Server Traps to an Trap Reciever which listens on Port > 162 UDP --- Works > 2. Send an cold Trap to OMD Works > 3. Trigger the OW-Server Traps to OMD Failed > > So as you can see sth. is different on the Trap from the Ow-Server but i > don't know what. > > Any good ideas so far ? > > best regards john > > > *Gesendet:* Donnerstag, 23. Februar 2017 um 10:50 Uhr > > *Von:* "Andreas Döhler" <andreas.doeh...@gmail.com> > *An:* firesk...@web.de, omd-users@lists.mathias-kettner.de > *Betreff:* Re: [omd-users] Where i can see incoming smmp Traps in OMD ? > That is a typing error. SNMPTRAP is every time 162 UDP no TCP. > If you look at your machine with netstat it should be clear that the > system is listening on 162 UDP. > > Best regards > Andreas > > <firesk...@web.de> schrieb am Do., 23. Feb. 2017 um 10:44 Uhr: > > Hello Andreas, > > I'm a little bit confused about the circumstance that the omd config gui > says explizit in the mkenvent snmptrap config ... > > > If this option is enabled then mkeventd starts a │ > > │ builtin snmptrap server that receives snmptrap │ > > │ messages via TCP port 162. Enabling this option │ > > │ makes the mkeventd started via a SUID helper │ > > │ that first opens the (priviledged) port 162 and │ > > │ then starting the actual event daemon. │ > > │ ┌──┐ │ > > │ │ on enable │ │ > > │ │ off disable > > > > best regards john > > *Gesendet:* Mittwoch, 22. Februar 2017 um 16:19 Uhr > > *Von:* "Andreas Döhler" <andreas.doeh...@gmail.com> > *An:* firesk...@web.de, omd-users@lists.mathias-kettner.de > *Betreff:* Re: [omd-users] Where i can see incoming smmp Traps in OMD ? > No. Correctly configured mkeventd is listening on port 162 udp and 514 udp > and 514 tcp. > > best regards > Andreas > > <firesk...@web.de> schrieb am Mi., 22. Feb. 2017 um 15:48 Uhr: > > May i found the problem .. > > My server can only send traps over the udp Protocoll > and the omd snmp deamon listen only on tcp or ? > > So is this the pitfall ? > > Could i change this in OMD ? > > best regards > john > > *Gesendet:* Dienstag, 21. Februar 2017 um 14:07 Uhr > > *Von:* "Andreas Döhler" <andreas.doeh...@gmail.com> > *An:* firesk...@web.de > *Betreff:* Re: [omd-users] Where i can see incoming smmp Traps in OMD ? > > You can only use mkeventd with snmptrapd or snmptt. Booth at the same time > is not so easy. I say it again if traps from other device are received then > all is configured correctly on OMD site. > > Ubuntu does nothing in the case of using mkeventd. You will also see > nothing inside syslog if using mkeventd. Only with the catch-all rule you > will see incoming traps. > > Best regards > Andreas > > <firesk...@web.de> schrieb am Di., 21. Feb. 2017, 13:35: > > Hello Andreas, > > Yes I have 2 Sender Points which can configure on snmp server directly, > but only 1 for an sensor. > > But i retested this really often and there has to be an error on omd layer > or on ubuntu OS one. > > Then i thought may it's a god idea to set an snmptt on the system for > proofing the situtation ... but it doesn't work i get through this > walktrough .. > > https://mathias-kettner.de/checkmk_mkeventd_traps.html > > But nothing happens, even with an normal testing trap ... so my assumption > that omd sth. bends over that the trap doesn't comes to the syslog or in > the logs which ih ave configured in snmptt.ini. > > Then i stopped all OMD Services .. the same Result .. > > May i forgot sth. to setup in the snmpd settings from scratch ... > > best regards john > > > *Gesendet:* Montag, 20. Februar 2017 um 19:08 Uhr > *Von:* "Andreas Döhler" <andreas.doeh...@gmail.com> > *An:* firesk...@web.de, "omd-users@lists.mathias-kettner.de" < > omd-users@lists.mathias-kettner.de> > > *Betreff:* Re: [omd-users] Where i can
Re: [omd-users] Where i can see incoming smmp Traps in OMD ?
Gesendet: Dienstag, 21. Februar 2017 um 13:35 Uhr Von: firesk...@web.de An: "Andreas Döhler" <andreas.doeh...@gmail.com> Betreff: Re: [omd-users] Where i can see incoming smmp Traps in OMD ? Hello Andreas, Yes I have 2 Sender Points which can configure on snmp server directly, but only 1 for an sensor. But i retested this really often and there has to be an error on omd layer or on ubuntu OS one. Then i thought may it's a god idea to set an snmptt on the system for proofing the situtation ... but it doesn't work i get through this walktrough .. https://mathias-kettner.de/checkmk_mkeventd_traps.html But nothing happens, even with an normal testing trap ... so my assumption that omd sth. bends over that the trap doesn't comes to the syslog or in the logs which ih ave configured in snmptt.ini. Then i stopped all OMD Services .. the same Result .. May i forgot sth. to setup in the snmpd settings from scratch ... best regards john Gesendet: Montag, 20. Februar 2017 um 19:08 Uhr Von: "Andreas Döhler" <andreas.doeh...@gmail.com> An: firesk...@web.de, "omd-users@lists.mathias-kettner.de" <omd-users@lists.mathias-kettner.de> Betreff: Re: [omd-users] Where i can see incoming smmp Traps in OMD ? If you see the trap from printers then your mkeventd with snmptrap receiver is working correctly. That also means your other device is not correctly configured. :) With the catchall rule you will see all traps send to your monitoring host. Have you configured two different targets on your snmp sender side? One for the monitoring host and one for your snmp browser? Best regards Andreas <firesk...@web.de> schrieb am Mo., 20. Feb. 2017 um 10:38 Uhr: Hello Andreas I've followed your advice to create an wildcard rule or at least i tried so... My Rule has only one Condition: Text to match : .* Is that correct ? Then i trigger my snnmp to test the Wildcard Rule but nothing happens in the checkmk log but some other Traps from an Printer will be logged fine. My trap reciever which is the ireasoning browser tells me that the Trap is logged correctly and the Trigger works also... but not with checkmk. This is my Snmp Trap which won't be processed in checkmk: Source: 192.168..xxx Timestamp: 603 hours 54 minutes 9 seconds SNMP Version: 1 Enterprise: .iso.org.dod.internet.private.enterprises.edsMain Specific: 6 Generic: enterpriseSpecific Variable Bindings: Name: .iso.org.dod.internet.private.enterprises.edsMain.dTrap.dTrapDeviceTable.dTrapDeviceEntry.dTrapDeviceIndex.4 Value: [Integer] 1 And this is my Trap from an printer which is logged in checkmk ( and no check is configured for this host in omd or checkmk) : (no Service level) 192.168.xxx.xxx all 1.3.6.1.4.1.683.6 Generic-Trap: 0, Specific-Trap: 0, Uptime: 8 sec best regards john Gesendet: Donnerstag, 16. Februar 2017 um 16:41 Uhr Von: "Andreas Döhler" <andreas.doeh...@gmail.com> An: firesk...@web.de, omd-users@lists.mathias-kettner.de Betreff: Re: [omd-users] Where i can see incoming smmp Traps in OMD ? If you are using the mkeventd with buildin snmptrapd then you need to build a catchall rule inside event console. Only if there is a matching rule you will see anything. Without rule nothing is shown. Best regards Andreas <firesk...@web.de> schrieb am Mi., 15. Feb. 2017 um 16:14 Uhr: OMD Version: 2.11.20161004-labs-edition mkeventd (builtin: snmptrap) Hello Guys Where i can see the incoming Snmp Trap's in OMD ? . In my rsyslog is no entry for it but the event console from check mk works and send some notification when the snmp matches. Then i thought maybe the reason is the rsyslog deamon from omd but thats not the problem. I tried both.. with rsyslog deamon on and off. There is no entry for the snmp Trap in rsyslog. best regards john ___ omd-users mailing list omd-users@lists.mathias-kettner.de http://lists.mathias-kettner.de/mailman/listinfo/omd-users ___ omd-users mailing list omd-users@lists.mathias-kettner.de http://lists.mathias-kettner.de/mailman/listinfo/omd-users
Re: [omd-users] Where i can see incoming smmp Traps in OMD ?
Gesendet: Montag, 20. Februar 2017 um 10:38 Uhr Von: firesk...@web.de An: "Andreas Döhler" <andreas.doeh...@gmail.com> Betreff: Re: [omd-users] Where i can see incoming smmp Traps in OMD ? Hello Andreas I've followed your advice to create an wildcard rule or at least i tried so... My Rule has only one Condition: Text to match : .* Is that correct ? Then i trigger my snnmp to test the Wildcard Rule but nothing happens in the checkmk log but some other Traps from an Printer will be logged fine. My trap reciever which is the ireasoning browser tells me that the Trap is logged correctly and the Trigger works also... but not with checkmk. This is my Snmp Trap which won't be processed in checkmk: Source: 192.168..xxx Timestamp: 603 hours 54 minutes 9 seconds SNMP Version: 1 Enterprise: .iso.org.dod.internet.private.enterprises.edsMain Specific: 6 Generic: enterpriseSpecific Variable Bindings: Name: .iso.org.dod.internet.private.enterprises.edsMain.dTrap.dTrapDeviceTable.dTrapDeviceEntry.dTrapDeviceIndex.4 Value: [Integer] 1 And this is my Trap from an printer which is logged in checkmk ( and no check is configured for this host in omd or checkmk) : (no Service level) 192.168.xxx.xxx all 1.3.6.1.4.1.683.6 Generic-Trap: 0, Specific-Trap: 0, Uptime: 8 sec best regards john Gesendet: Donnerstag, 16. Februar 2017 um 16:41 Uhr Von: "Andreas Döhler" <andreas.doeh...@gmail.com> An: firesk...@web.de, omd-users@lists.mathias-kettner.de Betreff: Re: [omd-users] Where i can see incoming smmp Traps in OMD ? If you are using the mkeventd with buildin snmptrapd then you need to build a catchall rule inside event console. Only if there is a matching rule you will see anything. Without rule nothing is shown. Best regards Andreas <firesk...@web.de> schrieb am Mi., 15. Feb. 2017 um 16:14 Uhr: OMD Version: 2.11.20161004-labs-edition mkeventd (builtin: snmptrap) Hello Guys Where i can see the incoming Snmp Trap's in OMD ? . In my rsyslog is no entry for it but the event console from check mk works and send some notification when the snmp matches. Then i thought maybe the reason is the rsyslog deamon from omd but thats not the problem. I tried both.. with rsyslog deamon on and off. There is no entry for the snmp Trap in rsyslog. best regards john ___ omd-users mailing list omd-users@lists.mathias-kettner.de http://lists.mathias-kettner.de/mailman/listinfo/omd-users ___ omd-users mailing list omd-users@lists.mathias-kettner.de http://lists.mathias-kettner.de/mailman/listinfo/omd-users
Re: [omd-users] Where i can see incoming smmp Traps in OMD ?
If you see the trap from printers then your mkeventd with snmptrap receiver is working correctly. That also means your other device is not correctly configured. :) With the catchall rule you will see all traps send to your monitoring host. Have you configured two different targets on your snmp sender side? One for the monitoring host and one for your snmp browser? Best regards Andreas <firesk...@web.de> schrieb am Mo., 20. Feb. 2017 um 10:38 Uhr: > Hello Andreas > > I've followed your advice to create an wildcard rule or at least i tried > so... > > My Rule has only one Condition: > > Text to > match > : .* > > Is that correct ? > > Then i trigger my snnmp to test the Wildcard Rule but nothing happens in > the checkmk log but some other Traps from an Printer will be logged fine. > > My trap reciever which is the ireasoning browser tells me that the Trap is > logged correctly and the Trigger works also... but not with checkmk. > > This is my Snmp Trap which won't be processed in checkmk: > > *Source:* 192.168..xxx *Timestamp:* 603 hours 54 minutes 9 seconds *SNMP > Version:* 1 > *Enterprise:* .iso.org.dod.internet.private.enterprises.edsMain > *Specific:* 6 > *Generic:* enterpriseSpecific > *Variable Bindings:* > -- > *Name:* > .iso.org.dod.internet.private.enterprises.edsMain.dTrap.dTrapDeviceTable.dTrapDeviceEntry.dTrapDeviceIndex.4 > *Value:* > [Integer] 1 > > > > And this is my Trap from an printer which is logged in checkmk ( and no > check is configured for this host in omd or checkmk) : > > (no Service level)192.168.xxx.xxxall1.3.6.1.4.1.683.6 > Generic-Trap: 0, Specific-Trap: 0, Uptime: 8 sec > > > > best regards john > > > > > > *Gesendet:* Donnerstag, 16. Februar 2017 um 16:41 Uhr > *Von:* "Andreas Döhler" <andreas.doeh...@gmail.com> > *An:* firesk...@web.de, omd-users@lists.mathias-kettner.de > *Betreff:* Re: [omd-users] Where i can see incoming smmp Traps in OMD ? > If you are using the mkeventd with buildin snmptrapd then you need to > build a catchall rule inside event console. > Only if there is a matching rule you will see anything. Without rule > nothing is shown. > > Best regards > Andreas > > <firesk...@web.de> schrieb am Mi., 15. Feb. 2017 um 16:14 Uhr: > > *OMD Version: 2.11.20161004-labs-edition* > * mkeventd (builtin: snmptrap)* > > Hello Guys > > Where i can see the incoming Snmp Trap's in OMD ? . > > In my rsyslog is no entry for it but the event console from check mk works > and send some notification when the snmp matches. > > Then i thought maybe the reason is the rsyslog deamon from omd but thats > not the problem. > I tried both.. with rsyslog deamon on and off. > There is no entry for the snmp Trap in rsyslog. > > best regards john > > > > > ___ > omd-users mailing list > omd-users@lists.mathias-kettner.de > http://lists.mathias-kettner.de/mailman/listinfo/omd-users > > ___ omd-users mailing list omd-users@lists.mathias-kettner.de http://lists.mathias-kettner.de/mailman/listinfo/omd-users
Re: [omd-users] Where i can see incoming smmp Traps in OMD ?
If you are using the mkeventd with buildin snmptrapd then you need to build a catchall rule inside event console. Only if there is a matching rule you will see anything. Without rule nothing is shown. Best regards Andreasschrieb am Mi., 15. Feb. 2017 um 16:14 Uhr: > *OMD Version: 2.11.20161004-labs-edition* > * mkeventd (builtin: snmptrap)* > > Hello Guys > > Where i can see the incoming Snmp Trap's in OMD ? . > > In my rsyslog is no entry for it but the event console from check mk works > and send some notification when the snmp matches. > > Then i thought maybe the reason is the rsyslog deamon from omd but thats > not the problem. > I tried both.. with rsyslog deamon on and off. > There is no entry for the snmp Trap in rsyslog. > > best regards john > > > > > ___ > omd-users mailing list > omd-users@lists.mathias-kettner.de > http://lists.mathias-kettner.de/mailman/listinfo/omd-users > ___ omd-users mailing list omd-users@lists.mathias-kettner.de http://lists.mathias-kettner.de/mailman/listinfo/omd-users
Re: [omd-users] Where i can see incoming smmp Traps in OMD ?
Hello Marcel, Ok thats make sense :) But before i use omd for snmp i had snmptt and the submitcheckresult script and the snmptt traps were always written in some snmp logs and in the syslog too .. maybe an redirect funktion from snmptt it self i don't know But back to topic: Where i can catch and see incoming logs in OMD which aren't match some Rules ? I tried to see sth. in checkmk but i cannot see any traps best regards john ___ omd-users mailing list omd-users@lists.mathias-kettner.de http://lists.mathias-kettner.de/mailman/listinfo/omd-users