0

I have some question about SNMP and using traps.

I'm not an SNMP expert, but I understand and know a bit how to use SNMP tools.

Before describing what I would exactly want to do, I would ask a little question about SNMP traps.

In brief, I have read this tutorial about Net-SNMP : and I try to test snmptrap on my agent and manager. I defined SNMPV1 trap and SNMPV2 notifications on the agent the way indicated in the tutorial, and try same commands to send snmpv1 traps and snmpV2 notification. My question is about the snmptrapd logs. When I sent this command from the agent :

 snmptrap -v 1 -c commnunity_string my_server TRAP-TEST-MIB::demotraps my_agent 6 17 '' SNMPv2-MIB::sysLocation.0 s "Just here"

I see this in the server snmptrapd log file :

2015-01-23 18:55:07 X.X.X (via UDP: [Y.Y.Y.Y]:36679) TRAP, SNMP v1, community community_string
    UCD-SNMP-MIB::ucdExperimental.990 Enterprise Specific Trap (17) Uptime: 31 days, 4:06:05.63
    SNMPv2-MIB::sysLocation.0 = STRING: Just here

And when I sent this command from the agent:

 snmptrap -v 2c -c community_string my_serever '' NOTIFICATION-TEST-MIB::demo-notif SNMPv2-MIB::sysLocation.0 s "just here"

I see this in the server snmptrapd log file :

27/01/2015 09:56:59 Cold Start de 0.0.0.0

While I didn't sent a Cold Start (0) generic strap. But when I dissect the packet I can see all the information sent via this snmpv2 trap. So my first question is why the snmptrapd daemon sometimes logs just the "cold start" message instead of full trap information.

Now for the real mater, I've heard we are not obliged to use MIBs to send traps, and just need OIDs. My matter actually is that I would like to monitor a set of file (using incrond or whatever), and send a trap when a file is modified to the server to make a specific action. How can I set this accurately, so that the server can receive trap information indicating a different action for each file, parse the trap and run the action? I would like to know how you people here would design this.

k1eran
  • 4,492
  • 8
  • 50
  • 73
nixmind
  • 2,060
  • 6
  • 32
  • 54

1 Answers1

0

For the second question, start with identifying what tool to use to monitor the file, and how to make that send a trap. Perhaps snmpd could be used, since you are already familiar with net-snmp?

Then design a "file changed" trap which sends the file name as a variable binding. The trap manager can act differently depending on which file was changed.

I'm not sure I understand what you mean by "action" in this context., so feel free to clarify that.

Jolta
  • 2,620
  • 1
  • 29
  • 42
  • Action here is what the handler of the corresponding file will do when it receives the trap/notification. Then , do you think I can send the file name in the trap? As an OID or what? That's where my real matter is. Thanks – nixmind Jan 29 '15 at 08:07
  • I'm still not getting the basic assumptions about your system. So you have two processes, where one (the Agent) is monitoring a file. The other (the Manager) is listening to traps from the Agent. When the Manager receives the trap, can you give an example of what it would do? – Jolta Jan 30 '15 at 14:46
  • Basically, yes, you'd send the file name as a Variable Binding. You make up a new OID for the varbind, and you make it a Syntax that is relevant to files. And the value might be the file name, the full path, or whatever else you need. You are the designer here, you decide what data your Manager needs. – Jolta Jan 30 '15 at 14:48
  • Hi Jolta. Yes you got exactly what I would like to set up. My real deal is to send trap and interpret them from the manager. The only thing difficult for me is sending filename inside trap, so that the manager (snmptrapd) can receive them and run the good action (a shell script). – nixmind Feb 02 '15 at 16:58
  • Hi Jolta. Yes you got exactly what I would like to set up. My real deal is to send trap and interpret them from the manager. The only thing difficult for me is sending filename inside trap, so that the manager (snmptrapd) can receive them and run the good action (a shell script). To answer your question , at the manager side I will (would like to) set four lines like this, As I have four files to supervise: traphandle OID /path_to_script/script Please can you let me know how to write this from the the agent (client)? I mean the right syntax of snmptrap to use in my case. Thanks – nixmind Feb 02 '15 at 17:09
  • I'm not able to understand from your description: 1. What you have already tried, or 2. What problem you are running into when doing it. If you can re-write the question to include those points of information, it would be easier to answer. – Jolta Feb 03 '15 at 12:47
  • My problem is that I don't know actually hos to define OIDs to handle file names, so that the server/manager can extract the value in the other side. But I will try and let you know. Thanks. – nixmind Feb 04 '15 at 13:06
  • It could just be a DisplayString type value, I guess. – Jolta Feb 04 '15 at 14:44