Friday, 20 March 2015

Snmp Traps

Using Snmp Traps

Recently I have been learning snmp  . If you have never heard about snmp , you can find more info about it here . Network management solutions mostly use snmp to monitor devices attached to network .

From the wiki you can find that using mib we can extract required information from managed device .But in large networks  it is impractical for the manager to poll or request information from every object on every device . This brings us to snmp traps , snmp traps enable managed devices to send unsolicited messages to management station . Management station can later decide what to do with the trap notification . There isn't much documentation regarding snmp traps ,so i'm writing this post in hope that someone will find this info useful  .

First configure snmptrapd   , if you have created user named read_only_user for monitoring ,
 
#echo authCommunity log read_only_user >> /etc/snmp/snmptrapd.conf  
 
will let snmptrapd service  process the traps which are received using read_only_user string . now start the snmptrapd service to view the received traps . you can do that by

#systemctl start snmptrapd.service 

now we will send some traps notifications using snmptrap  utility

#snmptrap -v2c -c read_only_user 127.0.0.1 0 SNMPv2-MIB::authenticationFailure

The above command will send a trap notification with authentationFailure as notification name , you can find more notifications here .  You might want to send more information with the trap to process the data more efficiently

#snmptrap -v2c -c read_only_user 127.0.0.1 0 SNMPv2-MIB::authenticationFailure\
 SNMPv2-MIB::sysContact.0 = 'root@locathost'

The above command will send the contact data along with trap notification . If you want to send Hostname you can do that by

# snmptrap -v2c -c read_only_user 127.0.0.1 0 SNMPv2-MIB::authenticationFailure\
 SNMPv2-MIB::sysName.0 = 'LightingBolt'


No comments:

Post a Comment