Take an action according to the received snmp community

Question

I have a snmptrad.conf configured as following

authCommunity log,execute public
authCommunity log,execute snmpcommunityA
authCommunity log,execute snmpcommunityB
traphandle default /usr/bin/perl /usr/local/sbin/snmpaction.pl

I want to be able run an action per community so in case I get snmpcommunityA I will run a specific script and if I get snmpcommunityB I will run another script something like:

authCommunity log,execute public
authCommunity log,execute snmpcommunityA
authCommunity log,execute snmpcommunityB
traphandle default public /usr/bin/perl /usr/local/sbin/snmpaction.pl
traphandle default snmpcommunityA /usr/bin/perl /usr/local/sbin/snmpactionA.pl
traphandle default snmpcommunityB /usr/bin/perl /usr/local/sbin/snmpactionB.pl

I've been trying to get the received snmp community extracted from snmptrapd so I can do the action after the trap was received but it doesnt write it when it logs it.

Answer 1

Ok, so I've ended up getting the process to write the snmp community to a file, getting the community with a script and doing an action based on it.

This is how the process looks in the ps:

/usr/sbin/snmptrapd -Lsd -f -m +ALL -F %P -Lf /var/log/snmptrapd.log

The %P tells it to output the community.

The command to run the process as above is:

#cat /usr/lib/systemd/system/snmptrapd.service                                                             
#ExecStart=/usr/sbin/snmptrapd $OPTIONS -f -m +ALL -F "%%P" -Lf /var/log/snmptrapd.log

This is the snmptrapd to get diff community and to run a script

cat /etc/snmp/snmptrapd.conf
authCommunity log,execute public
authCommunity log,execute xxxxxx1
authCommunity log,execute xxxxxx2

traphandle default /usr/bin/perl /usr/local/sbin/script.pl

This is the actual script.pl:

#Getting the community from the log
my $snmptrap_log_filename = "/var/log/snmptrapd.log";
open my $fh, '<', $snmptrap_log_filename or die "error opening $snmptrap_log_filename: $!";
my $data = do { local $/; <$fh> };
#Cleaning the log file.
open my $fh, '>', $snmptrap_log_filename;

if ($data =~ m/public/) {
#public community action
}

if ($data =~ m/xxxxxx1/) {
#public community action
}

if ($data =~ m/xxxxxx2/) {
#public community action
}