Configuring Net-SNMP Event Notification Traps

Follow

Issue

How can I configure Net-SNMP to generate SNMP event notification traps?

Environment

  • Cumulus Linux, 2.5.3 and later

{{table_of_contents}}

Resolution

The Net-SNMP agent provides a method to generate SNMP trap events using the Distributed Management (DisMan) Event MIB. This may be useful for generating trap events for various system events such as linkup/down, temperature sensor threshold exceeded, CPU load or memory thresholds exceed, or other SNMP MIBs.

The following example demonstrates how snmpd can be configured on a Cumulus Linux switch to generate various SNMP traps.

In this example, you use snmp-mibs-downloader to download SNMP MIBs to the switch prior to enabling traps. Downloading the MIBs to the switch allows MIB names to be used instead of OIDs. Using MIB names instead of OIDs greatly improves the readability of the snmpd.conf file.

Enabling MIB to OID Translation

To enable OID to MIB translation, download and install the MIBs.

  1. Add the "non-free" repo to /etc/apt/sources.list:
    deb http://ftp.us.debian.org/debian/ wheezy main non-free
  2. Run apt-get update and apt-get install to install snmp-mibs-downloader:
    sudo apt-get update
    sudo apt-get install snmp-mibs-downloader
  3. Remove or comment out the "non-free" repo from /etc/apt/sources.list
    #deb http://ftp.us.debian.org/debian/ wheezy main non-free
  4. Verify that the "mibs :" link is commented out in /etc/snmp/snmp.conf:
    #
    # As the snmp packages come without MIB files due to license reasons, loading
    # of MIBs is disabled by default. If you added the MIBs you can reenable
    # loading them by commenting out the following line.
    #mibs :
  5. Verify that the "export MIBS=" line is commented out in /etc/default/snmpd:
    # This file controls the activity of snmpd and snmptrapd

    # Don't load any MIBs by default.
    # You might comment this lines once you have the MIBs Downloaded.
    #export MIBS=

Configuring Trap Events

The following configuration changes need to be applied to /etc/snmp/snmpd.conf.

Defining Access Credentials

An SNMPv3 username is required to authorize the DisMan service. This example uses "internalUser".

createUser     internalUser
iquerySecName internalUser
rouser internalUser

Defining Trap Receivers

In this example, events are sent to a trap receiver that is capable of receiving SNMPv2 traps. Although the traps are sent to an SNMPV2 receiver, the SNMPv3 user is still required.

trap2sink 192.168.1.1 public

Note: It's possible to define multiple trap receivers. It's also possible to use the domain name instead of IP address in the trap2sink directive.

Configuring LinkUp/Down Notifications

Configure the linkUpDownNotifications directive. This triggers a link up or link down notification when the operational status of the link changes. 

linkUpDownNotifications yes

The default frequency for checking link up/down is 60 seconds. The default frequency can be changed using the monitor directive directly instead of the linkUpDownNotifications directive. See man snmpd.conf for details.

Configuring Temperature Notifications

Temperature sensor information for each available sensor is maintained in the the lmSensors MIB. Each platform may contain a different number of temperature sensors. To generate a trap event when any temperature sensors exceeds a threshold of 68 degrees (centigrade), use the following monitor directive:

monitor lmTemSensor -o lmTempSensorsDevice lmTempSensorsValue > 68000

The above directive monitors each lmTempSensorsValue.  When the threshold value is checked and exceeds the lmTempSensorsValue, a trap is generated. The -o lmTempSenesorsDevice option is used to instruct SNMP to also include the lmTempSensorsDevice MIB in the generated trap. The default frequency for the monitor directive is 600 seconds. The default frequency may be changed using the -r option.

Alternatively, temperature sensors may be monitored individually. To monitor the sensors individually, first use the sensors command to determine which sensors are available to be monitored on the platform. 

#sensors

CY8C3245-i2c-4-2e
Adapter: i2c-0-mux (chan_id 2)
fan5: 7006 RPM (min = 2500 RPM, max = 23000 RPM)
fan6: 6955 RPM (min = 2500 RPM, max = 23000 RPM)
fan7: 6799 RPM (min = 2500 RPM, max = 23000 RPM)
fan8: 6750 RPM (min = 2500 RPM, max = 23000 RPM)
temp1: +34.0 C (high = +68.0 C)
temp2: +28.0 C (high = +68.0 C)
temp3: +33.0 C (high = +68.0 C)
temp4: +31.0 C (high = +68.0 C)
temp5: +23.0 C (high = +68.0 C)

Configure a monitor command for the specific sensor using the -I option. The -I option indicates that the monitored expression is applied to a single instance. In this example, there are five temperature sensors available. The following monitor directive can be used to monitor only temperature sensor three at five minute intervals.

monitor -I -r 300 lmTemSensor3 -o lmTempSensorsDevice.3 lmTempSensorsValue.3 > 68000

Configuring Free Memory Notifications

You can monitor free memory using the following directives:

monitor MemFreeTotal -o memTotalReal memTotalFree <  1000000

The above directive generates a trap when free memory drops below 1,000,000KB. The free memory trap also includes the amount of total real memory.

Configuring Processor Load Notifications

To monitor CPU load for 1, 5 and 15 minute intervals, use the load directive in conjunction with the monitor directive. The following example will generate a trap when the 1 minute interval reaches 12%, the 5 minute interval reaches 10% or the 15 minute interval reaches 5%.

load 12 10 5
monitor -r 60 -o laNames -o laErrMessage "laTable" laErrorFlag !=0

Configuring Disk Utilization Notifications

To monitor disk utilization for all disks, use the includeAllDisks directive in conjunction with the monitor directive. The following directive generates a trap when a disk is 99% full.

includeAllDisks 1%
monitor -r 60 -o dskPath -o DiskErrMsg "dskTable" diskErrorFlag !=0

Configuring Authentication Notifications

To generate authentication failure traps, use the authtrapenable directive.

authtrapenable 1

Starting snmpd

If snmpd is already running, restart snmpd to apply the changes. 

sudo service snmpd restart

If snmpd is not currently running, verify that SNMPDRUN=YES has been configured in /etc/default/snmpd, then start snmpd.

sudo service snmpd start

 

 

Have more questions? Submit a request

Comments

Powered by Zendesk