patrickpr / trapdirector Goto Github PK
View Code? Open in Web Editor NEWIcingaweb2 module for receiving and handling snmp traps
License: GNU General Public License v3.0
Icingaweb2 module for receiving and handling snmp traps
License: GNU General Public License v3.0
Hello,
how would i pass the bgp peer in a trap as a parameter in the notification content?
traps are appearing as follows and the IP address seems to be attached to the trap OID rather than as a value of the trap OID
I went through the user guide multiple times and i couldn't find anything related to this particular issue.
I have uploaded all the relevant MIBs and the system is capturing and displaying the traps as it should (to the best of my knowledge).
Thank you!
John
.1.3.6.1.2.1.1.3.0 | sysUpTimeInstance | DISMAN-EVENT-MIB | 307:20:52:34.75 |
---|---|---|---|
.1.3.6.1.2.1.15.3.1.14.10.250.254.1 | bgpPeerLastError.10.250.254.1 | BGP4-MIB | "04 00 " |
.1.3.6.1.2.1.15.3.1.2.10.250.254.1 | bgpPeerState.10.250.254.1 | BGP4-MIB | 6 |
.1.3.6.1.4.1.9.9.187.1.2.1.1.7.10.250.254.1 | cbgpPeerLastErrorTxt.10.250.254.1 | CISCO-BGP4-MIB | "hold time expired" |
.1.3.6.1.4.1.9.9.187.1.2.1.1.8.10.250.254.1 | cbgpPeerPrevState.10.250.254.1 | CISCO-BGP4-MIB | 5 |
I'm trying to alert on BGP session state change using snmp traps rather than routine checks for a speedier alerting.
however as it is it's not telling me which BGP peer state has changed.
If related to the question in any way :
icinga2 --version
): 2.12.3Is your feature request related to a problem? Please describe.
I would like to be able to create a traphandler not only based on host-service-combination or hostgroup-service-combination but also on host-custom-vars, for example "where host.vars.location = Germany" or sth. else.
Is your feature request related to a problem? Please describe.
Many different traps and hostgroups...
Describe the solution you'd like
Please implement sorting on host/host group, source ip, trap oid and service name.
Also allow to filter on the above fields.
[2020/07/06 10:12:52] [TrapDirector] [Error]: Connection failed to IDO : invalid data source name
[2020/07/06 10:12:52] [TrapDirector] [Warning]: Exception : [TrapDirector] [Error]: Connection failed to IDO : invalid data source name
setupIDO
seems to be executed to be used by hostgroups, should only happen when an Icinga 2 API connection is configured.
The culprit should be:
We should setup the IDO data regardless of if the API is configured here.
icinga2 --version
): 2.11.4it's a simple error on a variable name
just install trapdirector
A error on the trapdirector's module windows on icingaweb
Fix:
replace icingaweb2Etc by icingaweb2_etc
Ps: I spotted same problem on several files: expr_test.php, db_test.php, HelperController.php by example.
greetings.
There are no hosts listed/offered when started typing in field Host name, menu Add trap handler.
Tested with Firefox 68 and Chrome 76.
Also getting confused by announced version 1.0, module reports version 0.9.2.
Branch 1.1 shows same behavior.
Best Regards,
Manfred
PS: great work
Is there a way to use wildcards when configuring the SNMP trap handler?
Two consecutive alarms that are the same have unique IDs so I am unable to create a rule to catch them:
Setting up the rule for .1.3.6.1.2.1.33.1.6.2.1.2.107 would only pick up the alarm once. A rule for .1.3.6.1.2.1.33.1.6.2.1.2 doesn't work as the alarms have a unique identifier at the end.
Ideally I would be able to add a rule such as .1.3.6.1.2.1.33.1.6.2.1.2.*
This wouldn't cause conflicts as the alarm is deleted from the alarm table once it has been cleared. So despite the alarms shown above as being .1.3.6.1.2.1.33.1.6.2.1.2.109 and .1.3.6.1.2.1.33.1.6.2.1.2.107 the alarm table would only ever show the most recent alarm.
Log settings seems not to work (syslog or file), but the following messages are found in syslog:
[TrapDirector] [Warning]: No node in config file: /etc/icingaweb2/modules/trapdirector/config.ini
[TrapDirector] [Warning]: Unknown node status : setting to MASTER
Unknown
Comes with every new trap.
No warning during normal operations.
Trapdirector (branch master 2020-08-31) running on:
icinga2 2.11.2-1
icingaweb2 2.7.3
apache 2.4, php7.2.5
Trap handles for host groups stopped working after upgrade to TrapDirector 1.0.6.
Traps for dedicated hosts still work.
Also I'm not able to create new trap handlers for host groups (GUI : Error : count(): Parameter must be an array or an object that implements Countable). Selection of host groups works, but saving is not possible.
Syslog starting with new incoming Link Down Trap:
2021-01-01T21:53:44.888000+01:00 host snmptrapd[2071]: 10.10.10.2: Link Down Trap (0) Uptime: 94 days, 12:20:24.83, .1.3.6.1.2.1.2.2.1.1.10106 = INTEGER: 10106, .1.3.6.1.2.1.2.2.1.2.10106 = STRING: GigabitEthernet1/0/6, .1.3.6.1.2.1.2.2.1.3.10106 = INTEGER: 6, .1.3.6.1.4.1.9.2.2.1.1.20.10106 = STRING: "down"
2021-01-01T21:53:44.977469+01:00 host snmptrapd[2071]: PHP Notice: Trying to access array offset on value of type bool in /usr/share/icingaweb2/modules/trapdirector/library/Trapdirector/TrapsProcess/Trap.php on line 327
2021-01-01T21:53:44.979448+01:00 host snmptrapd[2071]: message repeated 4 times: [ PHP Notice: Trying to access array offset on value of type bool in /usr/share/icingaweb2/modules/trapdirector/library/Trapdirector/TrapsProcess/Trap.php on line 327]
2021-01-01T21:53:44.979714+01:00 host snmptrapd[2071]: PHP Notice: Trying to access array offset on value of type bool in /usr/share/icingaweb2/modules/trapdirector/library/Trapdirector/TrapsProcess/Trap.php on line 341
2021-01-01T21:53:45.116622+01:00 host snmptrapd[2071]: PHP Notice: Trying to access array offset on value of type bool in /usr/share/icingaweb2/modules/trapdirector/library/Trapdirector/TrapsProcess/Trap.php on line 327
2021-01-01T21:53:45.117056+01:00 host snmptrapd[2071]: PHP Notice: Trying to access array offset on value of type bool in /usr/share/icingaweb2/modules/trapdirector/library/Trapdirector/TrapsProcess/Trap.php on line 341
2021-01-01T21:53:45.254773+01:00 host snmptrapd[2071]: PHP Notice: Trying to access array offset on value of type bool in /usr/share/icingaweb2/modules/trapdirector/library/Trapdirector/TrapsProcess/Trap.php on line 327
2021-01-01T21:53:45.255220+01:00 host snmptrapd[2071]: PHP Notice: Trying to access array offset on value of type bool in /usr/share/icingaweb2/modules/trapdirector/library/Trapdirector/TrapsProcess/Trap.php on line 341
A truncation and rebuild of the MIB cache DB tables did not change the behavior.
icinga2 --version
): 2.12.3The traps are in /var/log/messages but not in the database. But therefore i can not see the traps in icingaweb2.
/var/log/messages
May 3 23:51:45 icinga snmptrapd[1284]: 2020-05-03 23:51:45 192.168.0.17(via UDP: [192.168.0.17]:162->[192.168.168.50]:162) TRAP, SNMP v1, community public#012#011.1.3.6.1.4.1.12356.101.1.1041 Enterprise Specific Trap (505) Uptime: 101 d
ays, 20:59:00.27#012#011.1.3.6.1.4.1.12356.100.1.1.1.0 = STRING: "FG100ETK19010031"#11.1.3.6.1.2.1.1.5.0 = STRING: nsfbhqfw3.pcsoft.de
May 3 23:51:45 icinga snmptrapd[1284]: Usage: php-fpm [-n] [-e] [-h] [-i] [-m] [-v] [-t] [-p ] [-g ] [-c ] [-d foo[=bar]] [-y ] [-D] [-F [-O]]
May 3 23:51:45 icinga snmptrapd[1284]: -c | Look for php.ini file in this directory
May 3 23:51:45 icinga snmptrapd[1284]: -n No php.ini file will be used
May 3 23:51:45 icinga snmptrapd[1284]: -d foo[=bar] Define INI entry foo with value 'bar'
May 3 23:51:45 icinga snmptrapd[1284]: -e Generate extended information for debugger/profiler
May 3 23:51:45 icinga snmptrapd[1284]: -h This help
May 3 23:51:45 icinga snmptrapd[1284]: -i PHP information
May 3 23:51:45 icinga snmptrapd[1284]: -m Show compiled in modules
May 3 23:51:45 icinga snmptrapd[1284]: -v Version number
May 3 23:51:45 icinga snmptrapd[1284]: -p, --prefix
/etc/snmp/snmptrapd.conf
traphandle default /usr/sbin/php-fpm /usr/share/icingaweb2/modules/trapdirector/bin/trap_in.php
authCommunity log,execute,net public
icinga2 --version
): 2.11.3-1Thanks!
Get debug logs
Trapdirector -> Status&Mibs -> Status : set Log level to ALL
Insert debug logs from syslog or file depending on your log destination
Describe the bug
A clear and concise description of what the bug is.
To Reproduce
Steps to reproduce the behavior: When attempting to import more MIBs, I receive the following error (on CLI): Error in updating : PDO::query(): MySQL server has gone away
The MySQL server & database are still reachable, so it seems like there is a conflict somewhere. If I drop the database, re-add it, and then scan all of the same MIB files in, it works perfectly, I am just unable to add any more MIB files. So, I haven't attempted to build any rules or the such until this piece is figured out, for I don't want to cause a bunch of rework. I would provide log files and more information, but if you'll note BUG #10, I am unable to change the log settings via the web interface.
Expected behavior
A clear and concise description of what you expected to happen.
Your Environment:
icinga2 --version
): r2.10.5-1Additional context
This is the same database server that icingaweb2 uses, so if there were a problem with the database server, I would suspect that I would see errors there as well, but I do not, so this seems to be exclusive to the trapdirector application.
Please let me know how I may assist with the troubleshooting process.
Thanks
Hi patrickpr,
i try to install trapdirector-1.0.4c on my environment. But get this Error...
Uncaught Error: Class 'Icinga\Module\Trapdirector\TrapsController' not found in /usr/share/icingaweb2/modules/trapdirector-1.0.4c/application/controllers/SettingsController.php:19 Stack trace: #0 /usr/share/icingaweb2/library/vendor/Zend/Controller/Dispatcher/Standard.php(352): include_once() #1 /usr/share/icingaweb2/library/vendor/Zend/Controller/Dispatcher/Standard.php(271): Zend_Controller_Dispatcher_Standard->loadClass('SettingsControl...') #2 /usr/share/php/Icinga/Web/Controller/Dispatcher.php(56): Zend_Controller_Dispatcher_Standard->dispatch(Object(Icinga\Web\Request), Object(Icinga\Web\Response)) #3 /usr/share/icingaweb2/library/vendor/Zend/Controller/Front.php(937): Icinga\Web\Controller\Dispatcher->dispatch(Object(Icinga\Web\Request), Object(Icinga\Web\Response)) #4 /usr/share/php/Icinga/Application/Web.php(300): Zend_Controller_Front->dispatch(Object(Icinga\Web\Request), Object(Icinga\Web\Response)) #5 /usr/share/php/Icinga/Application/webrouter.php(99): Icinga\Application\Web->dispatch() #6 /usr/s
#0 [internal function]: Icinga\Application\Web->Icinga\Application\{closure}() #1 {main}
Icinga Web 2 Version
2.8.2
PHP-Version
7.3.21-1+ubuntu18.04.1+deb.sury.org+1
Icinga Programmversion | r2.12.0-1
what am I doing wrong?
best regards
Pio84
Main question
We like to use trapdirector, but our installation is already done with Postgre-DB. Does trapdirector also work with it? Is there a possibility to translate the MySQL statements to Postres?
The ido-DB is in Postgre. As you create a schema, do we need MySQL in parallel for the trapdirector DB?
Does the configuration accept different databases?
Purpose
We like to use trapdirector with our current Postgre-SQL installation.
Your Environment:
Postgresql 9.6
If related to the question in any way :
latest Icinga Web 2 version and modules 2.7.1
latest Icinga 2 version (icinga2 --version
): 2.10.5
Operating System and version: CentOS 7
Webserver, PHP versions: latest Apache, SCL PHP 7.1.8
Thanks
Thomas
Group not found in module (cnatStatisticsGroup): At line 50 in /root/.snmp/mibs/CISCO-IETF-NAT-CAPABILITY.my [843/1810]
Object not found in module (cnatConfDynAddrMapType): At line 172 in /root/.snmp/mibs/CISCO-IETF-NAT-CAPABILITY.my
Object not found in module (cnatSessionOrigPulbicPort): At line 339 in /root/.snmp/mibs/CISCO-IETF-NAT-CAPABILITY.my
Object not found in module (cnatSessionCurrentIdleTime): At line 349 in /root/.snmp/mibs/CISCO-IETF-NAT-CAPABILITY.my
Expected "::=" (LAST-UPDATED): At line 38 in /root/.snmp/mibs/MPLS-LSR-MIB-CAPABILITY.my
Group not found in module (ciscoCtrlGroupRev3): At line 64 in /root/.snmp/mibs/CISCO-RTTMON-CAPABILITY.my
Group not found in module (ciscoCtrlGroupRev5): At line 70 in /root/.snmp/mibs/CISCO-RTTMON-CAPABILITY.my
Group not found in module (ciscoStatsGroupRev6): At line 114 in /root/.snmp/mibs/CISCO-RTTMON-CAPABILITY.my
Group not found in module (ciscoStatsGroupRev6): At line 231 in /root/.snmp/mibs/CISCO-RTTMON-CAPABILITY.my
Group not found in module (cvDsx1ConfGroupSup2): At line 50 in /root/.snmp/mibs/CISCO-VISM-DSX1-CAPABILITY.my
Did not find 'cldcClientAccessVLAN' in module CISCO-LWAPP-DOT11-CLIENT-MIB (/root/.snmp/mibs/CISCO-LWAPP-SYS-MIB.my)
Bad timestamp format (11 or 13 characters) (20110202000Z): At line 40 in /root/.snmp/mibs/CISCO-TELEPRESENCE-CALL-CAPABILITY.my
Bad operator (/): At line 88 in /root/.snmp/mibs/CISCO-OSPF-TRAP-CAPABILITY.my
VARIATION (is a reserved word): At line 99 in /root/.snmp/mibs/CISCO-ATM-PVCTRAP-EXTN-CAPABILITY.my
DESCRIPTION (is a reserved word): At line 143 in /root/.snmp/mibs/CISCO-ATM-PVCTRAP-EXTN-CAPABILITY.my
: (is a reserved word): At line 145 in /root/.snmp/mibs/CISCO-ATM-PVCTRAP-EXTN-CAPABILITY.my
Bad operator (2): At line 145 in /root/.snmp/mibs/CISCO-ATM-PVCTRAP-EXTN-CAPABILITY.my
Module not found (RFC1406-MIB): At line 57 in /root/.snmp/mibs/CISCO-RFC1406-CAPABILITY.my
Module not found (RFC1406-MIB): At line 237 in /root/.snmp/mibs/CISCO-RFC1406-CAPABILITY.my
Module not found (RFC1406-MIB): At line 412 in /root/.snmp/mibs/CISCO-RFC1406-CAPABILITY.my
Cannot adopt OID in AWC-VLAN-CFG-MIB: awcVlanAllowUnencryptedVlanId ::= { awcVlanCfgObjects 8 }
Cannot adopt OID in AWC-VLAN-CFG-MIB: awcVlanNUcastKeyTable ::= { awcVlanCfgObjects 7 }
Bad operator (INTEGER): At line 73 in /usr/share/mibs/ietf/SNMPv2-PDU
Expected "::=" (RFC5644): At line 493 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
Expected "{" (EOF): At line 651 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
Bad object identifier: At line 651 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
Bad parse of OBJECT-IDENTITY: At line 651 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
Unlinked OID in IPATM-IPMC-MIB: marsMIB ::= { mib-2 57 }
Undefined identifier: mib-2 near line 18 of /usr/share/mibs/ietf/IPATM-IPMC-MIB
Bad operator (INTEGER): At line 73 in /usr/share/mibs/ietf/SNMPv2-PDU
Expected "::=" (RFC5644): At line 493 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
Expected "{" (EOF): At line 651 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
Bad object identifier: At line 651 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
Bad parse of OBJECT-IDENTITY: At line 651 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
.Unlinked OID in IPATM-IPMC-MIB: marsMIB ::= { mib-2 57 }
Undefined identifier: mib-2 near line 18 of /usr/share/mibs/ietf/IPATM-IPMC-MIB
Bad operator (INTEGER): At line 73 in /usr/share/mibs/ietf/SNMPv2-PDU
Expected "::=" (RFC5644): At line 493 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
Expected "{" (EOF): At line 651 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
Bad object identifier: At line 651 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
Bad parse of OBJECT-IDENTITY: At line 651 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
Downloaded MIBs with snmp-mibs-downloader on Ubuntu (ietf, iana, default download behaviour) and also 3rd party MIBs from cisco. Running 'icingacli trapdirector mib update' throws a lot of errors. Atleast the cisco MIBs are not shown in the webinterface afterwards. Though, some MIBs are actually available.
Setup trapdirector and snmptrapd. Install snmp-mibs-downloader. Run 'icingacli trapdirector mib update'. Add some more 3rd party MIBs.
Should run without "many" errors, but seemingly every MIB throws errors. MIBs are available in Webinterface for trap handlers afterwards.
icinga2 --version
): r2.11.2-1Because of a missing tutorial on how to set up trapdirector on Ubuntu (1604), I may have done something wrong in this regard, which could potentially cause some errors?
In the Docs:
permissions = [ "/status", "objects/query/Host", "objects/query/Service" , "actions/process-check-result" ]
But on my side "/status" needs to be "status", otherwise its not working.
Thanks for sharing your Module!
Get debug logs
Trapdirector -> Status&Mibs -> Status : set Log level to ALL
Insert debug logs from syslog or file depending on your log destination
Describe the bug
A clear and concise description of what the bug is.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
A clear and concise description of what you expected to happen.
Your Environment:
icinga2 --version
): r2.10.5-1Additional context
When attempting to change the log settings to "debug" in order to catch more log information, to open another issue, after I hit save, the Icinga Web gui presents an error in the red banner at the bottom of the browser: error[object Object]
This also happens when I try to adjust the database trap retention from 60 days to 30 days.
While it seems like a permissions problem, or something similar, I do not have any visibility into what's causing this issue.
If you'll let me know what I can do to further troubleshoot, I'll provide whatever information I can.
Thanks,
-jeff
Hi,
I'm running the recent version of raspbian, icinga2 and trap director.
I've set up the folder permissions for /usr/share/icingaweb2/modules/trapdirector/mibs/ as documented. Just used www-data instead of apache.
The command sudo -u www-data touch /usr/share/icingaweb2/modules/trapdirector/mibs/abc.mib works but uploading through Webgui fails.
I've even tried sudo chmod -R 777 /usr/share/icingaweb2/modules/trapdirector/mibs with no luck.
I recieve traps, but all of them have the same status and status detail. Status is error and status detail is No trap oid found : check snmptrapd configuration (code 3/OID). In my configuration, I see only one warning message snmptrapd has no -n option : -Lsd -f -p /run/snmptrapd.pid.
If related to the question in any way :
icinga2 --version
): r2.11.2-1In a multinode environment where icinga2 and icingaweb2 are installed on different machines, the actions performed by icinga2cmd command will not work as it is located on icinga2 machine.
Actions should be performed by icinga2 rest api rather than icinga2cmd command so that they can remotely executed.
Main question
I can't seem to get traps into icinga2. I believe I have everything setup correctly, and using the following command:
sudo snmptrapd -D -f -Loe
I was able to see that traps are being received:
2019-10-01 12:17:24 ip-x-x-x-x [x.x.x.x] (via UDP: [x.x.x.x]:xxxxx->[x.x.x.x]:xxx) TRAP, SNMP v1, community public SNMPv2-SMI::mib-2.33.2 Enterprise Specific Trap (4) Uptime: 3:43:47.45 SNMPv2-SMI::mib-2.33.1.6.2.1.1.7 = INTEGER: 7 SNMPv2-SMI::mib-2.33.1.6.2.1.2.7 = STRING: ".1.3.6.1.2.1.33.1.6.3.2"
However, nothing is being shown in trapdirector in icingaweb2. From running the command above, I believe I have traced it down to the following:
trace: run_shell_command(): mibgroup/utilities/execute.c, 60: run:shell: running '/usr/share/icingaweb2/modules/trapdirector/bin/trap_in.php' /usr/share/icingaweb2/modules/trapdirector/bin/trap_in.php: 1: /usr/share/icingaweb2/modules/trapdirector/bin/trap_in.php: cannot open ?php: No such file /usr/share/icingaweb2/modules/trapdirector/bin/trap_in.php: 3: /usr/share/icingaweb2/modules/trapdirector/bin/trap_in.php: //: Permission denied /usr/share/icingaweb2/modules/trapdirector/bin/trap_in.php: 4: /usr/share/icingaweb2/modules/trapdirector/bin/trap_in.php: Syntax error: "(" unexpected
I thought it was a permissions thing, so I tried to CHMOD the trap_in.php file so ther permissions were as follows:
-rwxrwxrwx 1 root root 596 Sep 30 15:27 trap_in.php
But no luck.
Any suggestions?
Purpose
Receive traps in icingaweb2 trapdirector.
Your Environment:
If related to the question in any way :
company | 1.0.0
director | 1.6.2
doc | 2.7.1
idoreports | 0.9.1
ipl | v0.3.0
map | 1.1.0
monitoring | 2.7.1
reporting | 0.9.2
theme-dark | 0.0.1
trapdirector | 1.0.2
icinga2 --version
):icinga2 - The Icinga 2 network monitoring daemon (version: r2.10.5-1)
Distributor ID: Ubuntu
Description: Ubuntu 18.04.3 LTS
Release: 18.04
Codename: bionic
Server version: Apache/2.4.29 (Ubuntu)
Server built: 2019-09-16T12:58:48
PHP 7.2.19-0ubuntu0.18.04.2 (cli) (built: Aug 12 2019 19:34:28) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.19-0ubuntu0.18.04.2, Copyright (c) 1999-2018, by Zend Technologies
I have installed it on Ubuntu 18.04 and for some reasons iam unable to add hosts.
I receive traps and snmptranslate works also fine but i cant add an handler without an host.
Sending perfdata in a display field in format of
Voltage trap | trapres=$1$
Where
Results in check output display
Voltage trap | trapres=220
Without setting performance data
Version 1.0.2
Originally posted by @p4k8 in #20 (comment)
I am facing the problem that SNMPv3 traps are not processed.
I have created a new SNMPv3 user in my UPS system (Auth = AES, Priv = SHA) and created on the icinga2 server a new user with the same credentials in the /etc/snmp/snmptrapd.conf file:
traphandle default /usr/bin/php /usr/share/icingaweb2/modules/trapdirector/bin/trap_in.php
...
createUser -e 0x80000001020304 icingatrapusv SHA XXX AES XXX
authUser log,execute,net icingatrapusv
After restarting the snmptrap service, I sent a test trap. This trap also arrives at the server, but it is not processed by the trapdirector.
[root@thillmmon1 plugins]# tcpdump -n port 162
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens32, link-type EN10MB (Ethernet), capture size 262144 bytes
14:48:31.038997 IP 172.xx.xx.xx.64455 > 172.xx.xx.xx.snmptrap: F=ap U="icingatrapusv" [! scoped PDU]cf_a1_36_7d_ce_04_84_ee_ba_6e_80_a8_bb_ef_39_14_b4_37_f5_ce_05_c0_8c_ee_70_12_cb_b4_ce_2a_68_39_8f_24_db_ce_cb_cd_c9_b6_c5_75_e8_76_9f_84_6d_ee_cc_83_34_b6_54_05_30_f2_15_6b_79_51_66_2d_8b_da_6a_23_ca_c4_bc_64_4b_bd_df_88_d3_50_83_55_13_0a_3e_fb_f8_75
But in the trapdirector Log (set to log everything) I don't see any action. I have no problem with SNMPv2 Traps.
Any ideas to solve this problem?
Thx!
If related to the question in any way :
icinga2 --version
): 2.12.3TrapDirector shows IP address of sending host as trap source, but traps are forwarded by a central trap receiver to Trap Director.
In this case all traps seem to come from the forwarder.
Is there already a feature to use the trap variable snmpTrapAddress (OID .1.3.6.1.6.3.18.1.3) instead of the forwarder IP?
Without this feature it is not possible to map the trap to the originating device within icinga2 when there are forwarders on the way. TrapDirector should be able to use the snmpTrapAddress field.
If related to the question in any way :
icinga2 --version
): 2.11Describe the bug
First: Nice work, i love this modul idea!
I Don't know if this is a bug, but my traps will not be imported!
Perhaps you have any idea.
I installed the module like you wrote in the readme
Test Trap:
snmptrap -v 2c -c public 127.0.0.1 "" SNMPv2-MIB::sysDescr SNMPv2-MIB::sysLocation.0 s "Just here"
Output in my snmptrap.log:
2019-08-29 13:19:29 localhost [UDP: [127.0.0.1]:47275->[127.0.0.1]:162]:
iso.3.6.1.2.1.1.3.0 = Timeticks: (126785504) 14 days, 16:10:55.04 iso.3.6.1.6.3.1.1.4.1.0 = OID: iso.3.6.1.2.1.1.1 iso.3.6.1.2.1.1.6.0 = STRING: "Just here"
Output in my syslog:
Aug 29 13:19:29 S951 snmptrapd[25917]: 2019-08-29 13:19:29 localhost [UDP: [127.0.0.1]:47275->[127.0.0.1]:162]:
iso.3.6.1.2.1.1.3.0 = Timeticks: (126785504) 14 days, 16:10:55.04 iso.3.6.1.6.3.1.1.4.1.0 = OID: iso.3.6.1.2.1.1.1 iso.3.6.1.2.1.1.6.0 = STRING: "Just here"
Aug 29 13:19:29 S951 php: [2019/08/29 13:19:29] [trap_class.php] : no trap oid found
Aug 29 13:19:29 S951 php: [2019/08/29 13:19:29] [trap_class.php] : Exception : [2019/08/29 13:19:29] [trap_class.php] : no trap oid found
Your Environment:
Additional context
snmptranslate works as aspected:
snmptranslate iso.3.6.1.2.1.1.1
SNMPv2-MIB::sysDescr
Is your feature request related to a problem? Please describe.
Let's say a vendor uses an universal trap to send state info. The Trap contains variables for
state (OK/NOK), severity (minor/major/...), problem category (CPU/memory/disk/powersupply/fan/...)
and an specific error message.
The first thing you need are rules to differentiate between OK and NOK for this trap.
Then you need additional separation for severity and and problem categories.
At last the device sends out some annoying traps over several categories you want to ignore.
How to create rules with such exceptions without exponential complexity?
Describe the solution you'd like
There will be several ways to to solve this problem, this list is not intended to be exhaustive:
Hi, I'm having issues with the trapdirector and the selinux.
If I do "setenforce 0" everything is working fine. But if I enable it (setenforce 1), the trapdirector is blocked and can't read the SNMP trap.
To install trapdirector I used the automatic way.
As it was not working, I tried also to do manually the step "semodule -i /usr/share/icingaweb2/modules/trapdirector/selinux/trapdirector.pp"
make working trapdirector with SELINUX in enforce mode.
If related to the question in any way :
icinga2 --version
): 2.13.2-1Hi patrickpr,
my problem is actually simple but quite complicated.
The trap handling only works if SourceIP matches the IP of the host object from icinga2. Although it asks for the host name when creating the handler.
I tested it and was able to reproduce it by changing the Host Object IP.
It would be great if the trap handling could actually be done via the hostname.
The reason why I use different IPs is: They are firewalls with different interfaces corresponding to different IPs at different locations in a master / satellite setup. I would like to send the active checks to the satellite, so I have to give the host object the IP from the satellite network, unfortunately I cannot control which interface the traps are sent via, and in this case that is the interface for the site connection to the master. If the location connection breaks down, I can no longer process any traps (because only the master receives) but I can continue to get the active checks on the satellite.
icinga2 --version
): r2.12.3-1thanks for an answer
greetings pio
I'm not sure if this is possible, but instead of submitting a passive check to a service, it would be good if instead, an API call could be made.
For example in my situation where I am monitoring UPS input voltage, instead of receiving a trap, and submitted a passive check result to the service, the following would happen:
Trap is received -> Trap handler sees the trap -> Run API call rule.
So when a trap is received saying that there is a new alarm entry added (mains fail), it would run the following API call:
curl -k -s -u username:password -H 'Accept: application/json' \ -X POST 'https://localhost:5665/v1/actions/reschedule-check' \ -d '{ "type": "Service", "filter": "service.name==\"UPS Input Voltage L1\"", "force": true, "pretty": true }'
This allows the critical/warning etc to be determined by thresholds in the commands you have set up. Also, if using Grafana or similar, it should update the graph with appropriate data. Currently, I experience the following:
So instead of a value (e.g. 230) the plugin output it whatever I choose in the trap director. Grafana is unable to display this and despite seeing numerous critical warnings in the history for the service, as far as it is concerned, it has always been 236V or similar.
Thank you
Not finding any information concerning the browser pop-up error "javascript not loaded. this page won't work as expected", in Chrome, after clicking "Add Handler" on a received trap. Of course, the "create handler" button doesn't work, so a handler can't be added. Any ideas what might be causing this?
I'm trying to add a handler from a received trap.
icinga2 --version
): 2.11.2-1When clicking on "Status & Mibs" -> "MIB Management" I get the following exception:
Uncaught ErrorException: Illegal string offset 'attribs' in /usr/share/php/Icinga/Web/Form.php:248
Stack trace:
#0 /usr/share/php/Icinga/Web/Form.php(248): Icinga\Application\ApplicationBootstrap->Icinga\Application\{closure}(2, 'Illegal string ...', '/usr/share/php/...', 248, Array)
#1 /usr/share/icingaweb2/modules/trapdirector/application/controllers/StatusController.php(264): Icinga\Web\Form->__construct('upload-form', Array)
#2 /usr/share/icingaweb2/modules/trapdirector/application/controllers/StatusController.php(200): Icinga\Module\Trapdirector\Controllers\UploadForm->__construct('upload-form')
#3 /usr/share/icingaweb2/library/vendor/Zend/Controller/Action.php(507): Icinga\Module\Trapdirector\Controllers\StatusController->mibAction()
#4 /usr/share/php/Icinga/Web/Controller/Dispatcher.php(76): Zend_Controller_Action->dispatch('mibAction')
#5 /usr/share/icingaweb2/library/vendor/Zend/Controller/Front.php(937): Icinga\Web\Controller\Dispatcher->dispatch(Object(Icinga\Web\Request), Object(Icinga\Web\Respons
#0 [internal function]: Icinga\Application\Web->Icinga\Application\{closure}()
#1 {main}
My Environment:
In the function add_schema_mysql() ist the output:
Connecting...ERROR 1698 (28000): Access denied for user 'root'@'localhost'
somewhat misleading. Because the input was...
Enter database host [set to 127.0.0.1 if you don't enter anything] : 127.0.0.1
in my mysql database is root@localhost
and [email protected]
not the same.
the right Error should be: Connecting...ERROR 1698 (28000): Access denied for user 'root'@'127.0.0.1'
because thats the input i gave to the script.
I think its in Line 383 of the script.
Enter database host [set to 127.0.0.1 if you don't enter anything] :
ive tested with no input and with 127.0.0.1 and this is leading to the error.
If i write "localhost" as input it works as it should.
Klick on Traps->Status & Mibs -> Plugin management cause the following error.
I found a menu in the docs https://github.com/patrickpr/trapdirector/blob/master/doc/15-mib.md#ui-configuration named "UI Configuration" that i dont have in my enviroment. Is there any context between the error below and the missing menu? It looks to me as if the file(plugins.phtml) is assembling the layout for the "Plugins Management" page.
setup trapdirector
If related to the question in any way :
icinga2 --version
): r2.12.0-1#0 /usr/share/icingaweb2/modules/trapdirector/application/views/scripts/status/plugins.phtml(26): Icinga\Application\ApplicationBootstrap->Icinga\Application\{closure}(Integer, String, String, Integer, Array) #1 /usr/share/php/Icinga/Web/View.php(248): include(String) #2 /usr/share/icingaweb2/library/vendor/Zend/View/Abstract.php(877): Icinga\Web\View->_run(String) #3 /usr/share/icingaweb2/library/vendor/Zend/Controller/Action/Helper/ViewRenderer.php(904): Zend_View_Abstract->render(NULL) #4 /usr/share/icingaweb2/library/vendor/Zend/Controller/Action/Helper/ViewRenderer.php(925): Zend_Controller_Action_Helper_ViewRenderer->renderScript(String, NULL) #5 /usr/share/icingaweb2/library/vendor/Zend/Controller/Action/Helper/ViewRenderer.php(964): Zend_Controller_Action_Helper_ViewRenderer->render() #6 /usr/share/icingaweb2/library/vendor/Zend/Controller/Action/HelperBroker.php(272): Zend_Controller_Action_Helper_ViewRenderer->postDispatch() #7 /usr/share/icingaweb2/library/vendor/Zend/Controller/Action.php(518): Zend_Controller_Action_HelperBroker->notifyPostDispatch() #8 /usr/share/php/Icinga/Web/Controller/Dispatcher.php(76): Zend_Controller_Action->dispatch(String) #9 /usr/share/icingaweb2/library/vendor/Zend/Controller/Front.php(937): Icinga\Web\Controller\Dispatcher->dispatch(Object(Icinga\Web\Request), Object(Icinga\Web\Response)) #10 /usr/share/php/Icinga/Application/Web.php(300): Zend_Controller_Front->dispatch(Object(Icinga\Web\Request), Object(Icinga\Web\Response)) #11 /usr/share/php/Icinga/Application/webrouter.php(99): Icinga\Application\Web->dispatch() #12 /usr/share/icingaweb2/public/index.php(4): require_once(String) #13 {main}
Symptoms : All web pages of trapdirector return the same error
Versions : all versions
Error message in web UI :
Uncaught Error: Class 'Icinga\Module\TrapDirector\Config\TrapModuleConfig' not found in /usr/share/icingaweb2/modules/trapdirector/application/controllers/SettingsController.php:84
**Cause ** : database name set in /etc/icingaweb2/modules/trapdirector/config.ini does not exist as a resource. This error occurs on configuration page, but as all pages forwards error (because db is not found) to configuration page, all pages display the same error.
How to fix : manually edit /etc/icingaweb2/modules/trapdirector/config.ini and put a correct name in line "database=" : must be a correct DB resource as found in /etc/icingaweb2/resources.ini
Hello Patrick,
Now that I think I've got the kinks worked out, I have a question about this before I start configuring rules and the such. How do I create trap handlers for a number of like devices? In other words, we have a number of access platforms, made by the same vendor, using the same MIBs. Is that where I create the trap rules against the Host Group? Will the source name of the alarming device still come through, or will it be the IP?
I would like to create the rules based on the type of device, rather than every single instance of that device.
Thanks in advance,
-jeff
Hello, a trap is received but when is handle by the TrapApi I got this message
Apr 9 15:12:50 socadm snmptrapd: PHP Parse error: syntax error, unexpected 'const' (T_CONST), expecting variable (T_VARIABLE) in /usr/share/icingaweb2/modules/trapdirector/library/Trapdirector/TrapsProcess/TrapApi.php on line 21
Also when I go to /icingaweb2/trapdirector/status/plugins
Parse error
: syntax error, unexpected 'const' (T_CONST), expecting variable (T_VARIABLE) in
/usr/share/icingaweb2/modules/trapdirector/library/Trapdirector/TrapsProcess/TrapApi.php
on line
21
If related to the question in any way :
icinga2 --version
): (version: 2.12.3)Is your feature request related to a problem? Please describe.
Reuse already defined (complex) handlers with slightly different settings.
Describe the solution you'd like
Please implement a feature to clone/copy an existing trap handler.
no specific debug logs (level trace or ALL) found.
Instead of updating the handler the following red error message appears:
"Error : count(): Parameter must be an array or an object that implements Countable"
I was not able to identify all JS/PHP scripts involved in this procedure.
Open any existing handler and press "Update" button.
Opening of handler takes some time (3-5sec), if I use hostgroups, it also takes additional time until
service names (for hostgroups) are shown. The previous used director version 1.04 which worked.
Update rule without error message.
icinga2 --version
): 2.13.1A Picture says more then 100 words :)
Add 2 rexep oids in a existing trap handler with no non regexp oid between.
Numbers are counting up
icinga2 --version
): 2.11.3Add any other context about the problem here.
It is more of a question maybe you have already verified the schema changes, however it would be important to have IcingaDB support which will become the de facto db from version 2.12 of Icinga.
Great work!
traphandle created by install script with php-fpm7.2 seems not to work
I called the bin/installer script and this created a
traphandle default /usr/sbin/php-fpm7.2 /usr/share/icingaweb2/modules/trapdirector/bin/trap_in.php
The PHP file path is correct, php-fpm7.2 is there.
In syslog I always see
Apr 13 20:21:41 icinga2 snmptrapd[1023]: Usage: php-fpm7.2 [-n] [-e] [-h] [-i] [-m] [-v] [-t] [-p <prefix>] [-g <pid>] [-c <file>] [-d foo[=bar]] [-y <file>] [-D] [-F [-O]]
and following general help files
If related to the question in any way :
icinga2 --version
):icinga2 - The Icinga 2 network monitoring daemon (version: r2.11.3-1)
Copyright (c) 2012-2020 Icinga GmbH (https://icinga.com/)
License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/gpl2.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
System information:
Platform: Ubuntu
Platform version: 18.04.4 LTS (Bionic Beaver)
Kernel: Linux
Kernel version: 4.15.0-96-generic
Architecture: x86_64
Build information:
Compiler: GNU 8.3.0
Build host: runner-LTrJQZ9N-project-298-concurrent-0
Application information:
General paths:
Config directory: /etc/icinga2
Data directory: /var/lib/icinga2
Log directory: /var/log/icinga2
Cache directory: /var/cache/icinga2
Spool directory: /var/spool/icinga2
Run directory: /run/icinga2
Old paths (deprecated):
Installation root: /usr
Sysconf directory: /etc
Run directory (base): /run
Local state directory: /var
Internal paths:
Package data directory: /usr/share/icinga2
State path: /var/lib/icinga2/icinga2.state
Modified attributes path: /var/lib/icinga2/modified-attributes.conf
Objects path: /var/cache/icinga2/icinga2.debug
Vars path: /var/cache/icinga2/icinga2.vars
PID path: /run/icinga2/icinga2.pid
PHP 7.2.24-0ubuntu0.18.04.3 (cli) (built: Feb 11 2020 15:55:52) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.24-0ubuntu0.18.04.3, Copyright (c) 1999-2018, by Zend Technologies
Hey Patrick,
I didn't know how else to categorize this, but in your Install guide, under "Set up mibs", you are missing an 's' in your path statements.
You have: /usr/share/icingaweb2/module/trapdirector
It should be: /usr/share/icingaweb2/modules/trapdirector
This is in all occurrences of the path in this section.
Just letting you know,
-jeff
Hey Patrick,
First of all, I didn't open this as a Bug, for it may be me not fully understanding everything completely, but it appears to be a bug. I'll let you decide.
Configuration:
I have a NetBotz temperature sensor that I am using to test with, for it gives me the ability to send test traps from it. So, I have the NetBotz configured in Icinga as a host, but also a member of a hostgroup "Sensors". I have the SNMP trap collection template applied to the hostgroup via a service-apply template.
What I'm seeing:
When I send a test trap, it comes in properly. When I attempt to build a trap handler against the host name, everything works, however, when I go down to change the action if the rule matches, the interface changes the Service back to "Ping". So, the workaround there is to configure everything, and then set the Service to "NetBotz SNMP Traps". Once I do that and fire off a test trap, the trap is processed correctly.
So, then I want to test sending to a hostgroup. So, I delete the previous host trap handler and build the exact same handler against the hostgroup. When I fire off a test trap against this handler, nothing happens in Icinga. The trap does not show up. I know the trap is reaching the box, for it's showing up in tcpdump, as before. When I click on the trap handler to verify everything, I get an error at the bottom of the Icinga window: "Service NetBotz doesn't exists anymore". But when I click the Service dropdown, "NetBotz SNMP Traps" service is able to be selected. So, I click update, but when I go back into the trap handler, I receive the same error as before and no traps are collected or processed for anything defined in this handler. I also do not get any notification that the trap was received. It just seems to go into a blackhole at that point.
So, like I said, I may be either doing something incorrectly or missing something. That's the part that I don't know.
I appreciate your help with all of this.
/jeff
I'm trying to create my first trap handler starting from a received trap, but I'm not able to insert the host or host group name.
The error is always the same: invalid hostname (hostid) or invalid hostgroup.
I created 2 hosts named das1 and das2 with IP addresses 1.1.1.1 and 1.1.1.2. I'm receiving correctly the traps from these IPs, but I can't create a trap handler.
Could you please help me to understand if I can fix this issue?
If related to the question in any way :
icinga2 --version
): 2.8.2Name | Version
director | 1.8.0
doc | 2.8.2
incubator | 0.6.0
ipl | v0.5.0
monitoring | 2.8.2
reactbundle | 0.9.0
trapdirector | 1.0.6
I have installed the module according to the documentation but I think I am doing something wrong from step one since the docs show the snmptrapd service as "green" right from the start.
So far I have tried:
Some of these configurations work better than others but not a single one gets rid of the error. Funny thing is that I was able to receive traps the very first time I installed the module. I can also verify that snmptrapd.service is indeed running but Port 162 is closed while 161 is open. Disabling ufw changed nothing, as one would expect.
I am running a trap reciever on the computer the vm is hosted on in combination with a device to send/check/recieve.
Could someone please point me in a direction how I can figure out what I am doing wrong ?
icinga2 --version
): r2.13.2-1Hi
Recently we have updated the icinga2 & icingaweb2 to the new version which is described below. after the upgrade handler and status&Mib tab are not working and getting the below-mentioned error. requesting you to give a solution for this issue
### Handlers
Uncaught Error: Call to undefined method Icinga\Data\Db\DbConnection::getConnection() in /usr/share/icingaweb2/modules/trapdirector/application/controllers/HandlerController.php:35
Stack trace:
#0 /usr/share/icingaweb2/library/vendor/Zend/Controller/Action.php(507): Icinga\Module\TrapDirector\Controllers\HandlerController->indexAction()
#1 /usr/share/php/Icinga/Web/Controller/Dispatcher.php(76): Zend_Controller_Action->dispatch('indexAction')
#2 /usr/share/icingaweb2/library/vendor/Zend/Controller/Front.php(937): Icinga\Web\Controller\Dispatcher->dispatch(Object(Icinga\Web\Request), Object(Icinga\Web\Response))
#3 /usr/share/php/Icinga/Application/Web.php(290): Zend_Controller_Front->dispatch(Object(Icinga\Web\Request), Object(Icinga\Web\Response))
#4 /usr/share/php/Icinga/Application/webrouter.php(105): Icinga\Application\Web->dispatch()
#5 /usr/share/icingaweb2/public/index.php(4): require_once('/usr/share/php/...')
#6 {main}
thrown
#0 [internal function]: Icinga\Application\Web->Icinga\Application\{closure}()
#1 {main}
### Status & Mib
Uncaught Error: Call to undefined method Icinga\Data\Db\DbConnection::getConnection() in /usr/share/icingaweb2/modules/trapdirector/library/Trapdirector/TrapsActions/UIDatabase.php:227
Stack trace:
#0 /usr/share/icingaweb2/modules/trapdirector/application/controllers/StatusController.php(24): Icinga\Module\Trapdirector\TrapsActions\UIDatabase->getDbConn()
#1 /usr/share/icingaweb2/library/vendor/Zend/Controller/Action.php(507): Icinga\Module\Trapdirector\Controllers\StatusController->indexAction()
#2 /usr/share/php/Icinga/Web/Controller/Dispatcher.php(76): Zend_Controller_Action->dispatch('indexAction')
#3 /usr/share/icingaweb2/library/vendor/Zend/Controller/Front.php(937): Icinga\Web\Controller\Dispatcher->dispatch(Object(Icinga\Web\Request), Object(Icinga\Web\Response))
#4 /usr/share/php/Icinga/Application/Web.php(290): Zend_Controller_Front->dispatch(Object(Icinga\Web\Request), Object(Icinga\Web\Response))
#5 /usr/share/php/Icinga/Application/webrouter.php(105): Icinga\Application\Web->dispatch()
#6 /usr/sh
#0 [internal function]: Icinga\Application\Web->Icinga\Application\{closure}()
#1 {main}
#Environment:
when try to create a new handler , but selected by hostgroup, it fails with "no host filter"
Is your feature request related to a problem? Please describe.
We have a master zone and some satellite zones behind a vpn or firewall. In that cases the master couldn't receive traps.
Describe the solution you'd like
Whould be great to be abble to receibe these snmp traps in one satellite endpoing and sent the status to master
Describe alternatives you've considered
Forward snmp tramps from satellite to master
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.