Check iftraffic is terminating without error

Hello,

I installed extra check iftraffic which is not returning anything.
Followed by https://exchange.icinga.com/exchange/iftraffic
In icinga it causes cirtical (no ouput = false I guess)

I moved to the command line to try in manualy and even tried perl debugger to catch the problem.

root@monitor:/usr/lib/nagios/plugins# ./check_iftraffic.pl -H 192.168.30.100 -i ens192 -b 100 -u m

It runs for few seconds and output nothing.

Last output from perl debug:

main::(./check_iftraffic.pl:104): if ($snmp_version =~ /[12]/) {
DB<1> n
main::(./check_iftraffic.pl:105): ($session, $error) = Net::SNMP->session(
main::(./check_iftraffic.pl:106): -hostname => $host_address,
main::(./check_iftraffic.pl:107): -community => $COMMUNITY,
main::(./check_iftraffic.pl:108): -port => $port,
main::(./check_iftraffic.pl:109): -version => $snmp_version
main::(./check_iftraffic.pl:110): );
DB<1> n
main::(./check_iftraffic.pl:112): if (!defined($session)) {
DB<1> n
main::(./check_iftraffic.pl:126): $iface_number = fetch_ifdescr($session, $iface_descr);
DB<1> n
Debugged program terminated. Use q to quit or R to restart,
use o inhibit_exit to avoid stopping after program termination,
h q, h R or h o to get additional info.
DB<1> q

So its terminating in fetching iface_number from iface_descr which equals to “ens192” according to:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:01:03:be brd ff:ff:ff:ff:ff:ff
inet 192.168.30.100/24 brd 192.168.30.255 scope global ens192
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fe01:3be/64 scope link
valid_lft forever preferred_lft forever

Can someone please point me what is the problem?

Thanks

Maybe the error is SNMP version specific, or you’ve hit a problem with Net::SNMP here. Which distribution, perl and net::snmp version are used here?

Cheers,
Michael

1 Like

This tool uses SNMP to query interface statistics, but your test command did not contain any SNMP community string (parameter -C).
Is SNMP stack running on target host?

Greetings,
Manfred

HI,

there is a hardcoded path for the statefile in the script. If the folder does not exist, or has wrong permissions you don’t get any output.

EDIT: Sry, just saw that its a different script and not the same I’am using.

Thanks for your replies.

Debian 9 (amd64)
Perl v5.24.1
NET-SNMP version: 5.7.3

also tried this without any change (still no output)

./check_iftraffic.pl -H 192.168.30.100 -C public -i ens192 -b 100 -u m

snmpd is running

I think it might be some basic problem which Im missing.

Is there any chance to have a look on the issue?
Any further ideas?
Thanks

Have you tried to query the host with snmpwalk to check if the oids are there and giving the correct output?

No luck. Not that familiar with SNMP.
But the tree what I found is not present here for 32 or 64bit.

I also tried the iftraffic64 but the same no output.

Let me show the snmpwalk. Im missing MIB? Or anything else?

root@monitor:/usr/lib/nagios/plugins# snmpwalk -v 2c -c public localhost
iso.3.6.1.2.1.1.1.0 = STRING: “Linux monitor 4.9.0-9-amd64 #1 SMP Debian 4.9.168-1 (2019-04-12) x86_64”
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.8072.3.2.10
iso.3.6.1.2.1.1.3.0 = Timeticks: (465513) 1:17:35.13
iso.3.6.1.2.1.1.4.0 = STRING: “Me me@example.org
iso.3.6.1.2.1.1.5.0 = STRING: “monitor”
iso.3.6.1.2.1.1.6.0 = STRING: “Sitting on the Dock of the Bay”
iso.3.6.1.2.1.1.7.0 = INTEGER: 72
iso.3.6.1.2.1.1.8.0 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.2.1 = OID: iso.3.6.1.6.3.11.3.1.1
iso.3.6.1.2.1.1.9.1.2.2 = OID: iso.3.6.1.6.3.15.2.1.1
iso.3.6.1.2.1.1.9.1.2.3 = OID: iso.3.6.1.6.3.10.3.1.1
iso.3.6.1.2.1.1.9.1.2.4 = OID: iso.3.6.1.6.3.1
iso.3.6.1.2.1.1.9.1.2.5 = OID: iso.3.6.1.6.3.16.2.2.1
iso.3.6.1.2.1.1.9.1.2.6 = OID: iso.3.6.1.2.1.49
iso.3.6.1.2.1.1.9.1.2.7 = OID: iso.3.6.1.2.1.4
iso.3.6.1.2.1.1.9.1.2.8 = OID: iso.3.6.1.2.1.50
iso.3.6.1.2.1.1.9.1.2.9 = OID: iso.3.6.1.6.3.13.3.1.3
iso.3.6.1.2.1.1.9.1.2.10 = OID: iso.3.6.1.2.1.92
iso.3.6.1.2.1.1.9.1.3.1 = STRING: “The MIB for Message Processing and Dispatching.”
iso.3.6.1.2.1.1.9.1.3.2 = STRING: “The management information definitions for the SNMP User-based Security Model.”
iso.3.6.1.2.1.1.9.1.3.3 = STRING: “The SNMP Management Architecture MIB.”
iso.3.6.1.2.1.1.9.1.3.4 = STRING: “The MIB module for SNMPv2 entities”
iso.3.6.1.2.1.1.9.1.3.5 = STRING: “View-based Access Control Model for SNMP.”
iso.3.6.1.2.1.1.9.1.3.6 = STRING: “The MIB module for managing TCP implementations”
iso.3.6.1.2.1.1.9.1.3.7 = STRING: “The MIB module for managing IP and ICMP implementations”
iso.3.6.1.2.1.1.9.1.3.8 = STRING: “The MIB module for managing UDP implementations”
iso.3.6.1.2.1.1.9.1.3.9 = STRING: “The MIB modules for managing SNMP Notification, plus filtering.”
iso.3.6.1.2.1.1.9.1.3.10 = STRING: “The MIB module for logging SNMP Notifications.”
iso.3.6.1.2.1.1.9.1.4.1 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.2 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.3 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.4 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.5 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.6 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.7 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.8 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.9 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.10 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.25.1.1.0 = Timeticks: (148252160) 17 days, 3:48:41.60
iso.3.6.1.2.1.25.1.2.0 = Hex-STRING: 07 E3 0A 11 0E 37 2C 00 2B 02 00
iso.3.6.1.2.1.25.1.3.0 = INTEGER: 393216
iso.3.6.1.2.1.25.1.4.0 = STRING: "BOOT_IMAGE=/boot/vmlinuz-4.9.0-9-amd64 root=UUID=2ae25b7e-3ea0-402b-a0b4-69c0a38c4ad0 ro quiet
"
iso.3.6.1.2.1.25.1.5.0 = Gauge32: 1
iso.3.6.1.2.1.25.1.6.0 = Gauge32: 119
iso.3.6.1.2.1.25.1.7.0 = INTEGER: 0
iso.3.6.1.2.1.25.1.7.0 = No more variables left in this MIB View (It is past the end of the MIB tree)

I never tried that on linux, but i would say, that there is something with your snmpd configuration. No idea here, but don’t think it has anything to do with the check. Try that check against some switch, i’am pretty sure it will work there.

I went in very weird behavior from snmpwalk -> nothing at all OR error for Object not loaded.

So i removed everything associated for snmp and install it again and follow these steps:

https://kifarunix.com/install-and-configure-snmp-ubuntu-18-04-and-centos-7/

My current output is:

root@monitor:/usr/lib/nagios/plugins# ./check_iftraffic64.pl -H 192.168.30.100 -C whateverforthistest -i ens192 -b 100 -u m
CRITICAL: Could not match ens192

For any other combination of Host IP or “lo” instead of “ens192” does not make output at all

root@monitor:/usr/lib/nagios/plugins# netstat -nlpu|grep snmp
udp 0 0 0.0.0.0:42577 0.0.0.0:* 31139/snmpd
udp 0 0 192.168.30.100:161 0.0.0.0:* 31139/snmpd
udp 0 0 127.0.0.1:161 0.0.0.0:* 31139/snmpd

Why is there this check plugin while its not working and even not providing information how to make it working? You have to be senior sysadmin to do this? Why?

How would you do this working? Its just this check-plugin chcecking the same server where its running.

The “S” in SNMP is for “complicated”. Everyone has been there once with debugging SNMP.

Since you are now seeing an output in contrast to before, the SNMP configuration was changed in a good way.

Highly likely the interface is named differently. Try with snmpwalk directly on the ifdesc OID: https://github.com/NETWAYS/check_iftraffic/blob/master/check_iftraffic.pl#L48

Cheers,
Michael

1 Like

if snmpwalk is not giving the correct results, as it looks in your snmpwalk test, the check_plugin can’t get the information you want. It expect the oids for the interfaces and it looks like they are not there.

Thanks for hint.

For sure it was the most weird combination.
lo for localhost (127.0.0.1)
ens192 with IP 192.168.30.100
and guess what the check is working with combination of
-H 192.168.30.100 -i lo

I checked with snmpwalk the ODI you mentioned.

Little bit struggling with writting to the /tmp/traffic as long I get the point about dynamic name inside of the folder and not only file “traffic”.

Created separated folder with owner nagios to be able to create files here.

Beer for you Michael :beer:
Thanks

1 Like