/var/run/snmptrapd.pid missing on Ubuntu16.04

wuxueyi · September 9, 2019, 4:16pm

Hello,

I’m trying to use Icinga2 to monitor the SNMP traps from devices.
According to the documents, /var/run/snmptrapd.pid should be used in the following two configuration files.

/etc/init.d/snmptrapd
TRAPDOPTS=’-On -Lsd -p /var/run/snmptrapd.pid’

/etc/default/snmpd
TRAPDOPTS=’-On -Lsd -p /var/run/snmptrapd.pid’

However, it’s not found in the system.

root@icingaserver:~# ll /var/run/snmp*
-rw------- 1 root root 6 Sep 9 23:44 /var/run/snmpd.pid
prw------- 1 root root 0 Sep 9 22:57 /var/run/snmptrapfmt.p|
-rw-r–r-- 1 root root 4 Sep 9 22:57 /var/run/snmptrapfmt.pid
-rw-rw-r-- 1 root root 6 Sep 9 23:44 /var/run/snmptt.pid

Could you please advise the possible reason and how to fix it? Thank you!

The version information for your reference.

root@icingaserver:~# icinga2 --version
icinga2 - The Icinga 2 network monitoring daemon (version: r2.10.5-1)

Copyright © 2012-2019 Icinga GmbH (https://icinga.com/)
License GPLv2+: GNU GPL version 2 or later http://gnu.org/licenses/gpl2.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

System information:
Platform: Ubuntu
Platform version: 16.04.6 LTS (Xenial Xerus)
Kernel: Linux
Kernel version: 4.4.0-31-generic
Architecture: x86_64

Build information:
Compiler: GNU 5.4.0
Build host: 37f21293ead0

a1mw · September 9, 2019, 8:03pm

Hi,

snmptrapd is not part of Icinga2, it’s part of the net-snmp software as daemon to receive SNMP traps.

You have to configure it (/etc/snmp/snmptrapd.conf), and if you start it as service there will be the
pid file you are looking for.

Usually you have to integrate SNMP traps into Icinga2 by forwarding traps to a traphandler like
snmptt or the new Icingaweb2 module trapdirector. These tools process the traps (i.e. set severities based on trap variables, log,…) and are able to create check results for passive services which are fed into Icinga2.
You will find a howto in Icinga2 Doc here.

Cheers,
Manfred

wuxueyi · September 10, 2019, 9:58am

Hi Manfred,

Thanks for your quick response and suggestions!

Now the SNMP trap can be received by SNMPTRAPD and recorded in the /var/log/snmptt/snmptt.log log file.

root@icingaserver:/var/log/snmptt# cat /var/log/snmptt/snmptt.log
Tue Sep 10 17:41:11 2019 .1.3.6.1.4.1.2011.2.91.10.2.1.0.1 Normal “Status Events” 8.44.143.66 - Array N/A Trap Test Alarm 2 1 4294967294 07 E3 09 0A 11 28 04 00 4294967295 This alarm just for testing.Please ignore it. 1 2305843009213693950 819 21023520526062910601

The next question is how to display the SNMP trap on the icingaweb2?
I followed the Icinga2 Doc to configure the two configuration files /etc/snmp/snmptt.conf and /etc/icinga2/conf.d/services.conf, however, it seems not work correctly.
On the icingaweb2, there does have an service DoradoTRAP, but it’s in “CRITICAL” status, the content of SNMP trap is not displayed.
Could you please advise how to modify the two configuration files？Thank you very much!

root@icingaserver:/var/log/snmptt# cat /etc/snmp/snmptt.conf
EVENT enterpriseSpecific .1.3.6.1.4.1.2011.2.91.10.2.1.0.1 “Status Events” Normal
FORMAT $*
EXEC echo “[$@] PROCESS_SERVICE_CHECK_RESULT;$A;$1;$2;$3” >> /var/run/icinga2/cmd/icinga2.cmd
SDESC
An enterprise specific trap.
The varbinds in order denote the Icinga service name, state and text.
EDESC
root@icingaserver:/var/log/snmptt#

root@icingaserver:/var/log/snmptt# cat /etc/icinga2/conf.d/services.conf
…
object Service “DoradoTRAP” {
import “generic-service”

host_name = “icingaserver”
check_command = “dummy”

enable_notifications = 1
enable_active_checks = 1
enable_passive_checks = 1
enable_flapping = 0
volatile = 1
max_check_attempts = 1
check_interval = 60
enable_perfdata = 0

vars.sla = “24x7”
vars.dummy_state = 2
vars.dummy_text = “No passive check result received.”
}

Regards,
Ian

wuxueyi · September 11, 2019, 1:08pm

Hi Manfred,

My problem has been solved by the help of https://somoit.net/icinga/icinga-passive-checks-2.

My configuration:

vi /etc/icinga2/conf.d/templates.conf
template Service “passive-service” {
import “generic-service”
check_command = “passive”
enable_active_checks = false
enable_passive_checks = true
check_interval = 2m
}

vi /etc/icinga2/conf.d/services.conf
apply Service “service.Dorado” {
import “passive-service”
assign where host.name == “host.Dorado”
}

vi /etc/icinga2/conf.d/hosts.conf
object Host “host.Dorado” {
import “generic-host”
address = “8.44.143.66”
check_command = “hostalive”
}

vi /etc/snmp/snmptt.conf
EVENT enterpriseSpecific .1.3.6.1.4.1.2011.2.91.10.2.1.0.1 “Status Events” Normal
FORMAT $*
EXEC echo “[date +%s] PROCESS_SERVICE_CHECK_RESULT;host.Dorado;service.Dorado;$6;SourceIP:$A,AlarmName:$4” >> /var/run/icinga2/cmd/icinga2.cmd
SDESC
An enterprise specific trap.
The varbinds in order denote the Icinga service name, state and text.
EDESC

Thanks and regards,
Ian