SNMP Traps
Sending SNMP traps on a Remote Linux/Windows System
Download SNMP Trap sender from following link.
http://trapgen.trapreceiver.com/
Now Edit input file and change ip address of remote host where you want to send snmp traps.
Change "-d 192.168.1.1" to your destination host.
and
execute like as under
root@localhost:~#./trapgen -f input
AND same time check the syslog file of remote SNMPTRAP manager syst
root@localhost:~# tail -f /var/log/syslog
Receive and handle SNMP traps on a Linux system
Scope
This is a quickstart guide on howto get an Ubuntu or Debian Linux system to listen for SNMP traps, and log them. In SNMP parlance, where' talking about configuring a linux system to be a "manager". We're not talking about how to monitor a linux host by means of SNMP.
We'll cover the basics of how to get it up and running, and provide some pointers to where to go next.
Prerequisites
It is assumed you have a basic understanding of what SNMP is, and are looking for a generic way to collect SNMP-generated messages (a.k.a. "trap's") from 1 or more devices onto a "manager" system, for centralized monitoring.
You might be interested in a generic, linux-based solution because this allows you to connect SNMP-based monitoring to other central monitoring solutions such as a central syslog server and/or a Nagios monitoring system.
It is assumed that you have a working linux system where you want to implement this. The following guide is based on Debian Squeeze and will most likele work as-is on other Debian bases server systems such as Ubuntu. It should also work on other linux sysems, though some details such as names of packages, commands and config files may be different.
Basic Setup
apt-get install snmpd
this installs a number of snmp-related tools, including snmptrapd, which is the one we need to be able to listen for "traps"
snmpbulkget snmpdf snmpnetstat snmptranslate snmpwalk
snmpbulkwalk snmpget snmpset snmptrap
snmpconf snmpgetnext snmpstatus snmptrapd
snmpd snmpinform snmptable snmpusm
snmpdelta snmpkey snmptest snmpvacm
snmptrapd does not start up by default, you need to enable it in /etc/defaults/snmp ; it will then be started by /etc/init.d/snmpd (if /etc/snmp/snmptrapd.conf exists
/etc/defaults/snmp
TRAPDRUN=yes
/etc/defaults/snmp
TRAPDRUN=yes
we don't need to run snmpd if we only want to recive traps, rather than monitor this system by snmp, so we can disable it:
SNMPDRUN=no
SNMPDRUN=no
Also have a look at the other default options : Debian sets them to "log to syslog" by default, so that traps will be reported in /var/log/syslog. This is OK for us (for now)
snmptrapd will not accept any traps unless they're "authorized" in /etc/snmp/snmptrapd.conf :
# simple test catch-all for any trap that has community=public
authCommunity log,execute,net public
# simple test catch-all for any trap that has community=public
authCommunity log,execute,net public
Restart snmpd to get all the changes applied, then check if it works by sending a test trap (from the local host, and from a remote system) :
- local :
- remote:
result : /var/log/syslog should now show te submitted trap msg :
this shows snmptrapd is working: it is capable of receiving snmp traps and handling them (in this case: logging them to syslog)
Further configuration
further config will involve :
- define traps on the monitored hosts
- add appropriate authorization config for those hosts in /etc/snmp/snmptrapd.conf see http://net-snmp.sourceforge.net/docs/man/snmptrapd.conf.html
More on Trap Handling
Syslog
Now you have snmptrapd logs in local syslog file. By configuring SYSLOG server you can integrate your snmp traps in a centralised syslog configuration.
Nagios
You can integrate SNMP trap with nagios to monitor traps using snmp traps and will improve your monitoring. See SNMP Trap monitoring in nagios
No comments:
Post a Comment