You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content/en/docs/coshsh/snmp_traps/_index.md
+62-2Lines changed: 62 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -11,11 +11,19 @@ SNMP Traps and Nagios (or any other related systems) is one of those topics that
11
11
Let's start with a picture. A network device sends traps to the OMD server. Here we have a process [samplicate](https://github.com/sleinen/samplicator) listening on port 162 which duplicates the udp packets and forwards them to the OMD sites which are configured as trap recipients, Such sites have an *snmptrapd* process, which writes the contents of an incoming trap in a logfile, *traps.log*. (we see three traps here, arriving at port 162 in the order blue, green, red. In the same order they arrive at the sites' snmptrap daemons and in the same order they are written to the logfile)
12
12
That's all. Later you will learn how the logfile is scanned for incoming traps, how these are evaluated, how the trap sender is identified among the monitored host objects and how the right service is set into an alarm state.
13
13
14
-
15
14
15
+
<!--
16
+
You need:
17
+
a PC which acts as the trap sender
18
+
a VM with OMD which acts as trap destination and monitoring server
19
+
create an omd site
20
+
edit etc/environment OMD_LANDSCAPE=lab
21
+
share/coshsh/contrib/coshsh-prepar-landscape
22
+
-->
23
+
16
24
17
25
## Setup trap processing on an OMD server
18
-
The first part of this article focuses on preparing an OMD server. Specifically, it explains how to ensure that an incoming trap is simultaneously forwarded to multiple OMD sites (e.g., testing, production, etc.).
26
+
The first part of this article focuses on preparing an OMD server. Specifically, in the end it will explains how to ensure that an incoming trap is simultaneously forwarded to multiple OMD sites (e.g., testing, production, etc.).
19
27
20
28
First, any existing snmptrapd process must be stopped, and its associated init script or systemd service must be removed. With most distributions this is achieved by running the following commands as the root user:
21
29
```bash
@@ -122,6 +130,58 @@ Total translations: 1
122
130
Successful translations: 1
123
131
Failed translations: 0
124
132
```
133
+
134
+
### Prepare Coshsh and create a trap-sending host
135
+
You probably executed the **snmptrap** command on a Windows or Linux host. Let's configureCoshsh and OMD so that this host ist being monitored and its traps are triggering an alarm.
136
+
The "CMDB" we will use is a set of CSV files, located in*etc/coshsh/data*. The first one describes attributes of the host will be used to shape the host object in Naemon. For the example we fake a notional appliance of type*Blackenbox* running the *HeartbeatOS*
Then we need a Python class for*HeartbeatOS*, for which we create a file *etc/coshsh/recipes/trapdemo/classes/os_heartbeatos.py* with the following content:
151
+
152
+
```python
153
+
import coshsh
154
+
from coshsh.application import Application
155
+
from coshsh.templaterule import TemplateRule
156
+
from coshsh.util import compare_attr, is_attr
157
+
158
+
def __mi_ident__(params={}):
159
+
if coshsh.util.is_attr("name", params, "os") and coshsh.util.compare_attr("type", params, ".*heartbeatos.*"):
0 commit comments