SNMPTT Doesnt process traps

Hello everyone,

I dont know if any of you is willing to help with this or if this is the right place but SNMPTT has very little resources available.

I have set up Icinga to monitor a bunch of SNMP stuff through SNMP command, but ive ran into an issue with some appliances (Dell Unity in particular) having no SNMP check support and only supporting traps.

Ive set up SNMPTT following the official documentation, set up traps to be sent to icinga-srv, i receive the traps, snmptrapd sees all the incoming traps but snmptt doesnt translate them. snmptrapd in syslog is constantly coming in, snmptt has nothing in syslog, snmpttunknown.log has all the traps in there.

For testing i picked a very basic trap “Uptime”. MIB is available as the active check SNMP is able to deliver the result.

snmptt.conf

EVENT .1.3.6.1.2.1.1.3.0 "Status Events" Normal
FORMAT trapworks

Trap im trying to monitor:

2024-08-09T09:38:33.149251+00:00 icinga snmptrapd[14714]:   .1.3.6.1.2.1.1.3.0             type=67 value=Timeticks: (566563400) 65 days, 13:47:14.00

This trap in snmpttunknown.log:

Fri Aug  9 09:58:55 2024: Unknown trap (.1.3.6.1.4.1.14179.2.6.3.41) received from WLC IP at:
Value 0: WLC IP
Value 1: WLC IP
Value 2: (566685700) 65 days, 14:07:37.00
Value 3: .1.3.6.1.4.1.14179.2.6.3.41
Value 4: WLC IP
Value 5: Icinga
Value 6:
Value 7: 0x57e6b6e6f677e6
Value 8: unknown
Value 9: 0x57e6b6e6f677e6
Value 10: unknown
Ent Value 0: .1.3.6.1.4.1.14179.2.1.7.1.1.0=Hex-STRING: C4 DD 57 9E 51 15
Ent Value 1: .1.3.6.1.4.1.14179.2.1.8.1.1.0=Hex-STRING: 00 77 8D D7 84 E0
Ent Value 2: .1.3.6.1.4.1.14179.2.1.8.1.2.0=0
Ent Value 3: .1.3.6.1.4.1.14179.2.1.8.1.3.0=6
Ent Value 4: .1.3.6.1.4.1.14179.2.1.8.1.4.0=ACCESSPOINTNAME

Trap in spool:

1723198932
WLC IP
WLC IP
.1.3.6.1.2.1.1.3.0 (566825300) 65 days, 14:30:53.00
.1.3.6.1.6.3.1.1.4.1.0 .1.3.6.1.4.1.14179.2.6.3.39
.1.3.6.1.6.3.18.1.4.0 Icinga
.1.3.6.1.4.1.14179.2.2.1.1.1.20.22.157.69.1.32 Hex-STRING: 14 16 9D 45 01 20
.1.3.6.1.4.1.14179.2.2.2.1.1.20.22.157.69.1.32.0 0
.1.3.6.1.4.1.14179.2.2.1.1.3.0 "ACCESSPOINTNAME"
.1.3.6.1.6.3.10.2.1.1.0 "0x57e6b6e6f677e6"
.1.3.6.1.6.3.18.1.1.1.3 "unknown"
.1.3.6.1.6.3.18.1.1.1.4 "0x57e6b6e6f677e6"
.1.3.6.1.6.3.18.1.1.1.5 "unknown"

Settings:

mibs_environment = ALL
snmptrapd -On

If anyone is willing to help or point me in the right direction, that would be greatly appreciated.

BR,
Terro

We had pretty bad experiences with SNMP traps (use the search function here if you want more details) and strongly prefer active checks only. A quick look for a propriate plugin I found this.

In this case, is there a way to handle multiple entry tables with active checks.

For example ifDesc for each eth port or SMART data for all disks, all part of one check command or would this have to be defined port by port, disk by disk?

Or would maybe trapdirector work better than SNMPTT?

In general yes, but it depends on the plugin. For example, we use one plugin that checks all components of HPE iLO Board with just one call. I’ve written a plugin that checks all components of a HPE MASA2050 also with just one call.

1 Like

We’ve never tried it, but as said we would never try SNMP traps again at all.

1 Like