Shulou(Shulou.com)05/31 Report--

This article is about what SNMPTRAP is. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

As a powerful open source software, Zabbix is known as "Monitor Everything". To a large extent, it relies on the data collection support of SNMP. SNMP is a protocol used to manage devices. At present, SNMP has become a de facto industrial standard in the field of network management, and has been widely supported and applied. Most network management systems and platforms are based on SNMP. If the NMS (network management system) needs to query the status of the managed device, it needs to obtain the status information of the device through the get operation of SNMP. However, because the alarm information is generally actively alerted by the managed server, it can not be carried out through the active use of snmpget by the management side, but by the managed server through SNMPTRAP.

What is SNMPTRAP

SNMP trap (SNMP trap): some kind of entrance at which the SNMP managed device actively notifies the SNMP manager rather than waiting for the SNMP manager to poll again.

SNMP Trap is a part of SNMP. When a specific event occurs in the monitored segment, which may be due to performance problems, or even the network device interface is down, the agent will send an alarm to the management station. If Agent does not actively notify NMS when a particular event occurs, then NMS must constantly poll Agent. This is a very wasteful approach to computing resources, just as people use interrupts to notify the arrival of CPU data, rather than letting CPU poll. Trap notification is a more reasonable choice. In a word, SNMP Trap is a mechanism by which managed devices actively send messages to NMS.

II. Functional characteristics of SNMPTRAP

1, event-driven, the first time to receive equipment failure alarm

Driven by events, the monitored host, network equipment and applications send SNMP Trap to NMS in case of failure, and send alarms to managers as quickly as possible by translating and displaying the received SNMP Trap. SNMP Trap is different from the active collection of SNMP. According to the fixed time interval, the SNMP acquisition server collects the performance indicators of the monitored side by the way of inquiry, so the speed of finding the performance problems of the monitored side depends on the frequency interval of the collection. On the other hand, SNMP Trap is event-driven and sets traps on the monitored end. Once there are related problems in the monitored equipment, it immediately sends SNMP Trap, so it can find the fault in the shortest time and avoid the economic loss caused by the equipment failure.

2. Provide SNMPTrap reception and display events through the translation of Trap messages

Support the SNMP Trap information of devices, hosts and applications from passive to active, and fully monitor the IT system. Through the translation and presentation of SNMP Trap, once there is a problem with an IT component, the fault information can be received in a short time to meet the needs of enterprises to quickly find the problem.

Through the definition of SNMPTrap receiving rules, administrators can filter the Trap information of non-important devices, and can also filter non-important fault information of monitored devices to help administrators receive the management information they really need at the first time.

3. Customize SNMPTrap alarm rules to trigger alarms and provide multiple ways to send alarm messages.

Users customize the SNMP Trap information that needs alarm through the management side, and send an alarm to the relevant personnel through e-mail, text message, voice, Wechat and other ways for specific SNMP Trap events, to help managers quickly receive IT system fault information.

4. Support event export

Summarize specific SNMPTrap events in a specific time, and export event data in Excel format at the same time, which is convenient for managers to count and analyze fault information.

5. Support the import of MIB libraries from all kinds of equipment manufacturers

Although all kinds of domestic network devices support SNMP Trap, the MIB libraries of various manufacturers can not well support public standards. Therefore, many monitoring systems support the import of private MIB libraries to ensure full compatibility with the SNMP Trap information of devices from various manufacturers.

III. SNMPTRAP work flow

1. Agent side

A, prepare MIB documents, determine the TRAP name and other information (general MIB equipment manufacturers will provide)

B, command method: send all kinds of TRAP commands (port number 162 must be added after the Manager address). See the response result on the manager side, but there is no response on the Agent side.

C. Automatic trigger: configure snmpd.conf to trigger TRAP. When a certain type of error occurs, the system will automatically trigger the corresponding type of TRAP and send it to Manager.

D, program mode: a part of TRAP needs to write C language program and send it with corresponding api (send_easy_trap or send_v2trap)

2. Manager side

Configure snmptrapd.conf files and set access permissions

Import the MIB file into the mibs folder

C, use perl and other scripting languages to write programs to deal with trap

D, configure the snmptrapd.conf file, add the traphandler entry, and correspond different TRAP to different handlers

3. Flow chart

In the figure, the snmptrapd process is started on the test machine M1, and the SNMP Trap message is monitored on the UDP port 162. once the Trap,snmptrapd is received, the received Trap information content is printed to a local text file. Machine M2 simulates the device that sends SNMP Trap, sending a Trap that invokes net-snmp 's command-line program snmptrap.

4. The implementation process of SNMPTRAP on ZABBIX

1. Set ZABBIX to receive SNMP Trap

1), install dependent packages

Yum install-y net-snmp-utils net-snmp-perl

2) download and decompress the Zabbix source code package

Tar-zxvf zabbix-2.2.1.tar.gz

3), copy the script from the source file and add execution permissions

Cp. / zabbix-2.2.1/misc/snmptrap/zabbix_trap_receiver.pl / usr/binchmod + x / usr/bin/zabbix_trap_receiver.pl

4), set the Trap receiver and community name

Vi / etc/snmp/snmptrapd.conf

# you can set multiple community names:

# authCommunity execute public

# authCommunity execute S7di@kjh8

AuthCommunity execute public

Perl do "/ usr/bin/zabbix_trap_receiver.pl"

5), edit the zabbix_server.conf configuration file to enable SNMP Trap

Vi / etc/zabbix/zabbix_server.conf

StartSNMPTrapper=1

SNMPTrapperFile=/tmp/zabbix_traps.tmp (Note: must be the same as set in the zabbix_trap_receiver.pl script)

6) restart the zabbix_server service to make the configuration effective

/ etc/init.d/zabbix-server restart

7), set SNMP MIBs

By default, MIBs adds the MIB name to the / etc/snmp/snmp.conf configuration file under the system directory / usr/share/snmp/mibs (manually create a new configuration file if it does not exist), which will be used by the Net-SNMP process to resolve the trap OID value.

Example: mibs + JUNIPER-MIB:JUNIPER-FABRIC-CHASSIS:BGP4-MIB

8) restart the snmptrapd service

/ etc/init.d/snmptrapd restart

2. Configure ZABBIX

1), create "SNMP trap fallback" template and "SNMP trap fallback" monitoring item:

Monitoring item name: SNMP trap fallback

Type: SNMP trap

Key value: snmptrap.fallback

Data type: Log

Note: this monitoring item is used to collect all mismatched trap

2), create a trigger to notify the administrator about the new mismatch trap:

Trigger name: Unmatched SNMP trap received from {HOST.NAME}

Expression: {Template SNMP trap fallback:snmptrap.fallback.nodata (300)} = 0

3) create a "Template SNMP traps" template and link to "Template SNMP trap fallback"

In the Template SNMP traps template, create the required monitoring items for trap. Key values are in snmptrap [regex] format

Example:

Key: snmptrap ["SNMPv2-MIB::coldStart"]

Instead of OID values (numbers or text), you can use any word / phrase from an trap text:

Key: snmptrap ["No route to host"]

In this case, Zabbix captures all SNMP Trap containing "No route to host" from the matching address.

4) create triggers for monitoring items

The template created earlier creates triggers for the necessary projects (Trap).

Some variables are involved here. Take the monitoring item in the previous example as an example to create a trigger:

Expression:

{Template SNMP traps:snmptrap ["SNMPv2-MIB::coldStart"] .nodata (5m)} = 0

This means that if the trap receives and automatically returns the OK state after 5 minutes, the trigger enters the warning state

5) View the data obtained by ZABBIX

Thank you for reading! This is the end of this article on "what is SNMPTRAP?". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, you can share it for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.