Why do I get all SNMP traps received as unknown traps?


I have configured a CentOS machine (7.5) to receive snmptraps from a BIG-IP F5 machine, but all the snmptraps I receive are unknown.
My /etc/snmp/snmptrapd.conf:

# Example configuration file for snmptrapd
# No traps are handled by default, you must edit this file!
authCommunity   log,execute cacti2021
#traphandle  default /usr/sbin/snmptt
#traphandle SNMPv2-MIB::coldStart    /usr/bin/bin/snmptt cold
traphandle default /usr/sbin/snmptthandler --ini=/etc/snmp/snmptt.ini
disableAuthorization yes

I downloaded all the F5 MIB files and put them in /usr/share/snmp/mibs, then I created a snmp.conf file in the directory /usr/share/snmp/. Here is the file snmp.conf:

# SECTION: Textual mib parsing
#
#   This section controls the textual mib parser.  Textual
#   mibs are parsed in order to convert OIDs, enumerated
#   lists, and ... to and from textual representations
#   and numerical representations.

# mibdirs: Specifies directories to be searched for mibs.
#   Adding a '+' sign to the front of the argument appends the new
#   directory to the list of directories already being searched.
#   arguments: [+]directory[:directory...]

mibdirs  +/usr/share/snmp/mibs
mibdirs  +/usr/share/mibs 
mibdirs  +/usr/share/mibs/other
mibdirs  +/usr/share/mibs/ietf
mibdirs  +/usr/share/mibs/dell
#mibdirs  +/usr/share/mibs/cisco
mibdirs  +/usr/share/mibs/vmware
# mibdirs  +/opt/mx/mibs
# mibdirs    +/usr/share/mibs/cisco

# mibs: Specifies a list of mibs to be searched for and loaded.
#   Adding a '+' sign to the front of the argument appends the new
#   mib name to the list of mibs already being searched for.
#   arguments: [+]mibname[:mibname...]

mibs +ALL

# showmiberrors: Should errors in mibs be displayed when the mibs are loaded
#   arguments: (1|yes|true|0|no|false)

showmiberrors  yes 

# mibwarninglevel: Should warnings about mibs be displayed when the mibs are loaded
#   arguments: 1|2

mibwarninglevel  0

# miballowunderline: Should underlines be allowed in mib symbols (illegal)
#   arguments: (1|yes|true|0|no|false)

miballowunderline  yes

# mibreplacewithlatest: Force replacement of older mibs with known updated ones
#   arguments: (1|yes|true|0|no|false)

mibreplacewithlatest  yes

Can someone please help me resolve the problem?

Ashark On

Yes, all traps are unknown, because you did not define them. Convert the needed MIBs to the snmptt format with snmpttconvertmib. For example:

snmpttconvertmib --in=/home/username/.snmp/mibs/SomeMibFile.my --out=snmptt.conf.bigipf5 --exec='/bin/bash /usr/local/bin/trap/submit_check_result $r '"TRAP 2" -net_snmp_perl --format=4

Then list the file in the configs list in snmptt.ini:

...
[TrapFiles]
# A list of snmptt.conf files (this is NOT the snmptrapd.conf file).  The COMPLETE path 
# and filename.  Ex: '/etc/snmp/snmptt.conf'
snmptt_conf_files = <<END
/etc/snmp/snmptt.conf.bigipf5
END

Then restart snmptt.service. Now it will treat defined traps as known.
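
To check the steps above after running them, the following added example (not part of the original answer and not snmptt's own code) reads the [TrapFiles] list from snmptt.ini, reports listed files that are missing, and looks up which file defines an EVENT for a given trap OID. The function names, the event name and the OIDs under enterprise 99999 are constructed for illustration, and only exact OID matches are handled.

```shell
# Added example; function names and sample data are constructed assumptions.
# Print each file listed in the snmptt_conf_files block of snmptt.ini ($1).
list_trap_files() {
    awk '
        /^[[:space:]]*snmptt_conf_files[[:space:]]*=[[:space:]]*<<END/ { on = 1; next }
        on && /^END[[:space:]]*$/ { on = 0; next }
        on { gsub(/^[[:space:]]+|[[:space:]]+$/, ""); if ($0 != "") print }
    ' "$1"
}

# Print "<event name> <file>" for each listed file that defines OID $2.
# Returns 1 when no listed file defines it (snmptt would log it as unknown).
find_event() {
    oid=$2
    list_trap_files "$1" | {
        found=1
        while IFS= read -r f; do
            if [ ! -r "$f" ]; then
                echo "listed in snmptt.ini but not readable: $f" >&2
                continue
            fi
            # EVENT lines look like: EVENT <name> <oid> "<category>" <severity>
            name=$(awk -v oid="$oid" \
                '$1 == "EVENT" && ($3 "") == (oid "") { print $2; exit }' "$f")
            if [ -n "$name" ]; then
                echo "$name $f"
                found=0
            fi
        done
        [ "$found" -eq 0 ]
    }
}

# Constructed sample: one converted trap file plus an ini that also lists
# a file that was never created.
make_sample() {
    cat > "$1/snmptt.conf.bigipf5" <<'EOF'
EVENT exampleTrapA .1.3.6.1.4.1.99999.0.1 "Status Events" Normal
FORMAT constructed sample trap $*
EOF
    cat > "$1/snmptt.ini" <<EOF
[TrapFiles]
snmptt_conf_files = <<END
$1/snmptt.conf.bigipf5
$1/snmptt.conf.missing
END
EOF
}
demo_dir=$(mktemp -d) && make_sample "$demo_dir"
find_event "$demo_dir/snmptt.ini" .1.3.6.1.4.1.99999.0.1
find_event "$demo_dir/snmptt.ini" .1.3.6.1.4.1.99999.0.2 || echo "no EVENT defined: unknown trap"
rm -rf "$demo_dir"
```

On a real host, call find_event with the path to your snmptt.ini and the numeric OID that snmptt logged as unknown.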