Hello,
I am sending SNMP Traps on port 162 into my LibreNMS server, and I might not be grasping how to properly manage the trap information. My current rules grab the trap in the field
eventlog.type = “trap” AND eventlog.message LIKE ‘%12003%’
I have not found a better way to sort the trap based on the payload of said traip.
Here is a copy of my alert template:
{{ $alert->title }}
Severity: {{ $alert->severity }}
@if ($alert->state == 0) Time elapsed: {{ $alert->elapsed }} @endif
Timestamp: {{ $alert->timestamp }}
Unique-ID: {{ $alert->uid }}
@if ($alert->faults)
@foreach ($alert->faults as $key => $value)
@if ($loop->last) Current TRAP – {{ $value[‘message’] }} @endif
@endforeach
@endif
And here is a sample email response:
Alert for device 192.168.1.1 - Something Happened
Severity: warning
Timestamp: 2021-09-09 14:31:09
Unique-ID: 1234
Current TRAP -- MY-MIB::infrElementStatusTrap
{"SNMPv2-MIB::sysUpTime.0":"20:4:27:13.21","MY-MIB::infrEventId.0":"20398","MY-MIB::infrEventTime.0":"20210909142834","MY-MIB::infrIPAddress.0":"192.168.1.1","MY-MIB::infrLocation.0":"1","My-MIB::infrElementType.0":"bsr","My-MIB::infrSeriousnessLevel.0":"yellow","My-MIB::infrAuxInfo.0":"12002","My-MIB::infrLocationType.0":"sbs","My-MIB::infrArea.0":"0","SNMPv2-SMI::snmpModules.18.1.3.0":"192.168.127.1","SNMPv2-SMI::snmpModules.18.1.4.0":"public","SNMPv2-MIB::snmpTrapEnterprise.0":"My-MIB::My-T"}
Questions:
-
Is there a way in my Alert template that I can cleanup deeper, such as {{ $value[‘message.MIB::Location’] }} to isolate that field? Perhaps I could also perform a grep to sort for that field, or perhaps a sed / awk to pull out the piece of desired information?
-
On my email, I have " but here in the HTML viewer, I am seeing “” marks. Is there a command inside the alert template that I can surpres those marks?
My goal is to make the email presentation nice and clean for a quick read.
Thanks,
Christian