- By: Bian Jiang ([email]borderj@gmail.com[/email])
- From: [url]http://www.b0rder.com[/url]
- Date: 2008.11.11
1,agent端:
2,manager端:
1, manager端
authcommunity execute,log,net public
1,处理系统默认的trap
traphandle .1.3.6.1.6.3.1.5.1 page_me up traphandle .1.3.6.1.4.1.2021.251.1 page_me up traphandle .1.3.6.1.4.1.2021.251.2 page_me down traphandle default log_it
可以通过:
./configure --with-mib-modules="examples/notification" make sudo make install
snmptrap -v 2c -c public 127.0.0.1:162 "" UCD-SNMP-MIB::ucdStart
NET-SNMP version 5.4.1.2 Received 73 bytes from UDP: [127.0.0.1]:41244 0000: 30 47 02 01 01 04 06 70 75 62 6C 69 63 A7 3A 02 0G.....public.:. 0016: 04 42 8A 48 EC 02 01 00 02 01 00 30 2C 30 10 06 .B.H.......0,0.. 0032: 08 2B 06 01 02 01 01 03 00 43 04 00 88 86 97 30 .+.......C.....0 0048: 18 06 0A 2B 06 01 06 03 01 01 04 01 00 06 0A 2B ...+...........+ 0064: 06 01 04 01 8F 65 81 7B 01 .....e.{. 2008-11-11 10:16:12 localhost [UDP: [127.0.0.1]:41244]: DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (8947351) 1 day, 0:51:13.51 SNMPv2-MIB::snmpTrapOID.0 = OID: UCD-SNMP-MIB::ucdStart sh: page_me: command not found
2, 处理自定义trap(参考 [url]http://www.net-snmp.org/wiki/index.php/TUT:snmptrap[/url] )
TRAP-TEST-MIB DEFINITIONS ::= BEGIN IMPORTS ucdExperimental FROM UCD-SNMP-MIB; demotraps OBJECT IDENTIFIER ::= { ucdExperimental 990 } demo-trap TRAP-TYPE STATUS current ENTERPRISE demotraps VARIABLES { sysLocation } DESCRIPTION "This is just a demo" ::= 17 END
NOTIFICATION-TEST-MIB DEFINITIONS ::= BEGIN IMPORTS ucdavis FROM UCD-SNMP-MIB; demonotifs OBJECT IDENTIFIER ::= { ucdavis 991 } demo-notif NOTIFICATION-TYPE STATUS current OBJECTS { sysLocation } DESCRIPTION "Just a test notification" ::= { demonotifs 17 } END
snmptrap -v 2c -c public 127.0.0.1:162 "" NOTIFICATION-TEST-MIB::demo-notif SNMPv2-MIB::sysLocation.0 s "just here"
Received 96 bytes from UDP: [127.0.0.1]:44858 0000: 30 5E 02 01 01 04 06 70 75 62 6C 69 63 A7 51 02 0^.....public.Q. 0016: 04 7D BA 0E AA 02 01 00 02 01 00 30 43 30 10 06 .}.........0C0.. 0032: 08 2B 06 01 02 01 01 03 00 43 04 00 89 19 29 30 .+.......C....)0 0048: 18 06 0A 2B 06 01 06 03 01 01 04 01 00 06 0A 2B ...+...........+ 0064: 06 01 04 01 8F 65 87 5F 11 30 15 06 08 2B 06 01 .....e._.0...+.. 0080: 02 01 01 06 00 04 09 6A 75 73 74 20 68 65 72 65 .......just here 2008-11-11 10:22:27 localhost [UDP: [127.0.0.1]:44858]: DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (8984873) 1 day, 0:57:28.73 SNMPv2-MIB::snmpTrapOID.0 = OID: NOTIFICATION-TEST-MIB::demo-notif SNMPv2-MIB::sysLocation.0 = STRING: just here sh: log_it: command not found
3, 自己编写处理trap脚本
#!/bin/sh read host read ip vars= while read oid val do if [ "$vars" = "" ] then vars="$oid = $val" else vars="$vars, $oid = $val" fi done echo trap: $1 $host $ip $vars
traphandle SNMPv2-MIB::coldStart /root/bin/traps cold traphandle SNMPv2-MIB::warmStart /root/bin/traps warm traphandle IF-MIB::linkDown /root/bin/traps down traphandle IF-MIB::linkUp /root/bin/traps up traphandle SNMPv2-MIB::authenticationFailure /root/bin/traps auth
traphandle .1.3.6.1.6.3.1.1.5.6 /root/bin/traps egp-neighbor-loss
snmptrap -v 1 -c public 127.0.0.1:162 TRAP-TEST-MIB::demotraps 127.0.0.1 2 0 "" IF-MIB::ifIndex i 1
NET-SNMP version 5.4.1.2 Received 63 bytes from UDP: [127.0.0.1]:44203 0000: 30 3D 02 01 00 04 06 70 75 62 6C 69 63 A4 30 06 0=.....public.0. 0016: 0A 2B 06 01 04 01 8F 65 0D 87 5E 40 04 7F 00 00 .+.....e..^@.... 0032: 01 02 01 02 02 01 00 43 04 00 8A 4F 90 30 10 30 .......C...O.0.0 0048: 0E 06 09 2B 06 01 02 01 02 02 01 01 02 01 01 ...+........... 2008-11-11 10:35:42 localhost [127.0.0.1] (via UDP: [127.0.0.1]:44203) TRAP, SNMP v1, community public TRAP-TEST-MIB::demotraps Link Down Trap (0) Uptime: 1 day, 1:10:43.36 IF-MIB::ifIndex = INTEGER: 1 sh: /root/bin/traps: 权限不够
Received 63 bytes from UDP: [127.0.0.1]:44769 0000: 30 3D 02 01 00 04 06 70 75 62 6C 69 63 A4 30 06 0=.....public.0. 0016: 0A 2B 06 01 04 01 8F 65 0D 87 5E 40 04 7F 00 00 .+.....e..^@.... 0032: 01 02 01 02 02 01 00 43 04 00 8A A0 B9 30 10 30 .......C.....0.0 0048: 0E 06 09 2B 06 01 02 01 02 02 01 01 02 01 01 ...+........... 2008-11-11 10:39:10 localhost [127.0.0.1] (via UDP: [127.0.0.1]:44769) TRAP, SNMP v1, community public TRAP-TEST-MIB::demotraps Link Down Trap (0) Uptime: 1 day, 1:14:11.13 IF-MIB::ifIndex = INTEGER: 1 trap: down localhost UDP: [127.0.0.1]:44769 DISMAN-EVENT-MIB::sysUpTimeInstance = 1:1:14:11.13, SNMPv2-MIB::snmpTrapOID.0 = IF-MIB::linkDown, IF-MIB::ifIndex = 1, SNMP-COMMUNITY-MIB::snmpTrapAddress.0 = 127.0.0.1, SNMP-COMMUNITY-MIB::snmpTrapCommunity.0 = "public", SNMPv2-MIB::snmpTrapEnterprise.0 = TRAP-TEST-MIB::demotraps
4, 让agent自动产生trap
[url]http://www.net-snmp.org/wiki/index.php/FAQ:Agent_17[/url]):
# From: [url]http://www.net-snmp.org/wiki/index.php/FAQ:Agent_17[/url] # send v1 traps trapsink 127.0.0.1:162 # also send v2 traps trap2sink 127.0.0.1:162 informsink 127.0.0.1:162
- [url]http://blog.chinaunix.net/u1/43391/showart_355332.html[/url]
- [url]http://www.net-snmp.org/dev/agent/notification_8c-example.html[/url]
- [url]http://www.net-snmp.org/wiki/index.php/TUT:snmptrap#Agent_Traps[/url]
- Where are these traps sent to [url]http://www.net-snmp.org/wiki/index.php/FAQ:Agent_17[/url]
- [url]http://net-snmp.sourceforge.net/docs/man/snmp_trap_api.html[/url]
- By: Bian Jiang ([email]borderj@gmail.com[/email])
- From: [url]http://www.b0rder.com[/url]
- Date: 2008.11.11