Please help,
i am trying to add auth snmp trap handler for edge-core L2 switch, here is what i added
in /librenms/Librenms/Snmptrap/
i added
<?php
/**
* EdgeCosSuccessUserLogin.php
*
* -Description-
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package LibreNMS
* @link http://librenms.org
*/
namespace LibreNMS\Snmptrap\Handlers;
use App\Models\Device;
use LibreNMS\Interfaces\SnmptrapHandler;
use LibreNMS\Snmptrap\Trap;
use Log;
class EdgeCosSuccessUserLogin implements SnmptrapHandler
{
/**
* Handle snmptrap.
* Data is pre-parsed and delivered as a Trap.
*
* @param Device $device
* @param Trap $trap
* @return void
*/
public function handle(Device $device, Trap $trap)
{
Log::event('SNMP Trap: Success User Login: ' . $device->displayName(), $device->device_id, 'auth', 3);
}
}
and in /librenms/config/snmptraps.php i added
'ES3528MO-MIB::swAuthenticationSuccess' => \LibreNMS\Snmptrap\Handlers\EdgeCosSuccessUserLogin::class,
And here is OID from that MIB,
swAuthenticationSuccess NOTIFICATION-TYPE
OBJECTS { trapVarLoginUserName, trapVarLoginMethod, trapVarLoginIPAddress, trapVarLoginTime }
STATUS current
DESCRIPTION "This trap will be triggered if authentication is successful."
::= { es3528moTrapsPrefix 67 }
but i still getting in eventlog of device this message, what i am missing ?
SNMP trap received: SNMPv2-SMI::enterprises.259.6.10.94.2.1.0.67
Thanks
You must configure your snmptrapd (daemon) to read the correct mibs.
At the startup line of the snmptrapd, add the dir where that mibs resides (along with the ones that are already added)
So your startup options should look like
...-M /opt/librenms/mibs:/opt/librenms/mibs/cisco:/opt/librenms/mibs/CHANGETHIS...
Of course, you must CHANGETHIS to the correct dir.
So when I have
ExecStart=/usr/sbin/snmptrapd -f -M /opt/librenms/mibs -m ALL
its wrong ?
Because I am getting correct TRAP about Port Down,UP for edgecos devices, also for STP what is new,
Its not wrong, its just incomplete. If you check the /opt/librenms/mibs
dir, you will see there are some mibs files directly there, and then sub-directories.
snmptrapd -M option is not recursive, so you need to specify each directory individually.
I changed it and now I am getting just in eventlog
SNMP trap received:
Here is a TRAP message from syslog
uz7-8.gecom.sk [UDP: [10.0.58.30]:1042->[10.0.1.21]:162]: Trap , iso.3.6.1.2.1.1.3.0 = Timeticks: (952171000) 110 days, 4:55:10.00, iso.3.6.1.6.3.1.1.4.1.0 = OID: iso.3.6.1.4.1.259.6.10.94.2.1.0.67, iso.3.6.1.4.1.259.6.10.94.1.14.2.11 = Hex-STRING: 61 64 6D 69 6E 00 00 00 00 00 00 00 00 00 00 00 \01200 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \01200 , iso.3.6.1.4.1.259.6.10.94.1.14.2.12 = INTEGER: 1, iso.3.6.1.4.1.259.6.10.94.1.14.2.13 = IpAddress: 46.150.192.145, iso.3.6.1.4.1.259.6.10.94.1.14.2.14 = Hex-STRING: 32 30 31 39 2D 35 2D 31 33 2C 31 35 3A 32 31 3A \01235 30 00 00 00
and i know that oid .1.3.6.1.4.1.259.6.10.94.2.1.0.67 is for Auth success, so i just want simple mesasge in eventlog about that, also for auth failed what is oid .66, but it is still not working for me, can somebody helpt with that ?
Could you copy paste what your the mibs directory line in the snmptrapd config file currently looks like?
Here is my service
[Unit]
Description=Simple Network Management Protocol (SNMP) Trap Daemon.
After=network.target
ConditionPathExists=/etc/snmp/snmptrapd.conf
[Service]
Environment="MIBSDIR=/usr/share/snmp/mibs:/usr/share/snmp/mibs/iana:/usr/share/snmp/mibs/ietf:/usr/share/mibs/site:/usr/share/snmp/mibs:/usr/share/mibs/iana:/usr/share/mibs/ietf:/usr/share/mibs/netsnmp"
Type=simple
ExecStart=/usr/sbin/snmptrapd -f -M /opt/librenms/mibs:/opt/librenms/mibs/cisco:/opt/librenms/mibs/edgecos
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
MIB of device is here: /librenms/mibs/edgecos/ ES3528MO-MIB
for now i am carryng about auth
swAuthenticationFailure .1.3.6.1.4.1.259.6.10.94.2.1.0.66
swAuthenticationSuccess .1.3.6.1.4.1.259.6.10.94.2.1.0.67
php in /librenms/LibreNMS/Snmptrap/Handlers looks like this
<?php
namespace LibreNMS\Snmptrap\Handlers;
use App\Models\Device;
use LibreNMS\Interfaces\SnmptrapHandler;
use LibreNMS\Snmptrap\Trap;
use Log;
class EdgeCosSuccessUserLogin implements SnmptrapHandler
{
/**
* Handle snmptrap.
* Data is pre-parsed and delivered as a Trap.
*
* @param Device $device
* @param Trap $trap
* @return void
*/
public function handle(Device $device, Trap $trap)
{
Log::event('SNMP Trap: Success User Login', $device->device_id, 'auth', 3);
}
}
and in /librenms/config/snmptraps.php i added
'ES3528MO-MIB::swAuthenticationSuccess' => \LibreNMS\Snmptrap\Handlers\EdgeCosSuccessUserLogin::class,
I want to figure it out how it works, in future i would like to add more handlers
you have removed the -m ALL
.
-M specify dir
-m is for mibs. If you dont set -m ALL, it wont read any mibfile
Fantastic, so Itβs working
I am only getting some errors in snmptrapd service
service snmptrapd status
β snmptrapd.service - Simple Network Management Protocol (SNMP) Trap Daemon.
Loaded: loaded (/lib/systemd/system/snmptrapd.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2019-05-13 16:14:54 CEST; 50s ago
Main PID: 4173 (snmptrapd)
Tasks: 1 (limit: 4915)
CGroup: /system.slice/snmptrapd.service
ββ4173 /usr/sbin/snmptrapd -f -m ALL -M /opt/librenms/mibs:/opt/librenms/mibs/cisco:/opt/librenms/mibs/edgecos
May 13 16:15:32 librenms snmptrapd[4173]: Bad operator ((): At line 176 in /opt/librenms/mibs/CISCO-ENHANCED-IMAGE-MIB
May 13 16:15:32 librenms snmptrapd[4173]: Too many textual conventions (INTEGER): At line 242 in /opt/librenms/mibs/CISCO-ENHANCED-SLB-MIB
May 13 16:15:32 librenms snmptrapd[4173]: : (is a reserved word): At line 242 in /opt/librenms/mibs/CISCO-ENHANCED-SLB-MIB
May 13 16:15:32 librenms snmptrapd[4173]: Bad operator ((): At line 243 in /opt/librenms/mibs/CISCO-ENHANCED-SLB-MIB
May 13 16:15:32 librenms snmptrapd[4173]: Too many textual conventions (INTEGER): At line 208 in /opt/librenms/mibs/CISCO-CONFIG-MAN-MIB
May 13 16:15:32 librenms snmptrapd[4173]: : (is a reserved word): At line 208 in /opt/librenms/mibs/CISCO-CONFIG-MAN-MIB
May 13 16:15:32 librenms snmptrapd[4173]: Bad operator ((): At line 209 in /opt/librenms/mibs/CISCO-CONFIG-MAN-MIB
May 13 16:15:32 librenms snmptrapd[4173]: Too many textual conventions (INTEGER): At line 96 in /opt/librenms/mibs/CISCO-IP-STAT-MIB
May 13 16:15:32 librenms snmptrapd[4173]: : (is a reserved word): At line 96 in /opt/librenms/mibs/CISCO-IP-STAT-MIB
May 13 16:15:32 librenms snmptrapd[4173]: Bad operator ((): At line 96 in /opt/librenms/mibs/CISCO-IP-STAT-MIB
I believe that this information is not very good covered in docs, for trap handler and for develop trap handlers.
Doc changes are welcome in the docs you can click the edit button on the top right and submit changes.
1 Like