{"id":199,"date":"2022-03-31T10:47:11","date_gmt":"2022-03-31T08:47:11","guid":{"rendered":"https:\/\/whoami.lausitz-event.info\/?p=199"},"modified":"2022-03-31T11:05:38","modified_gmt":"2022-03-31T09:05:38","slug":"snmp-traps-mit-icinga2-verarbeiten","status":"publish","type":"post","link":"https:\/\/whoami.lausitz-event.info\/?p=199","title":{"rendered":"SNMP Traps mit Icinga2 verarbeiten"},"content":{"rendered":"\n\n

Bestimmte Checks lassen sich am besten \u00fcber Traps verarbeiten. Je nach konfiguriertem Zeitintervall eines aktiven Checks, bekommen wir mit was gerade passiert oder eben auch nicht. Es ist also ein Gl\u00fccksspiel. Was w\u00e4re also wenn der Switch von sich aus aufmerksam machen w\u00fcrde, dass sich die Spanning-Tree Topology gerade ge\u00e4ndert hat, oder das eine neue Root-Bridge entdeckt wurde.<\/p>\n\n\n\n\n\n

Dazu verwenden wir SNMPTrapd zum Empfang der Traps und SNMPTT zur \u00dcbersetzung dieser in ein lesbares Format.<\/p>\n\n\n\n\n\n

dnf install -y net-snmp-libs net-snmp-utils net-snmp\ndnf install -y https:\/\/download-ib01.fedoraproject.org\/pub\/epel\/7\/x86_64\/Packages\/s\/snmptt-1.4.2-1.el7.noarch.rpm<\/code><\/pre>\n\n\n\n\n\n
Konfiguration SNMPTrap Daemon \/etc\/snmp\/snmptrapd<\/p>\n\n\n\n\n\n
authCommunity   log,execute,net public\ntraphandle default \/usr\/sbin\/snmptthandler\ndisableAuthorization yes<\/code><\/pre>\n\n\n\n\n\n
Konfiguration Startscript SNMPTrap Daemon \/etc\/sysconfig\/snmptrapd <\/p>\n\n\n\n\n\n
OPTIONS=\"-On\"<\/code><\/pre>\n\n\n\n\n\n
Mit der Installation des SNMPTT Paketes wird der Nutzer snmptt angelegt. Damit dieser sein Ergebnis sp\u00e4ter an Icinga \u00fcbergeben kann, muss dieser der Gruppe icingacmd hinzugef\u00fcgt werden.<\/p>\n\n\n\n\n\n
usermod -aG icingacmd snmptt<\/code><\/pre>\n\n\n\n\n\n
F\u00fcr unser Beispiel mit den Spanning-Tree Events laden wir nun das MIB File<\/a> herunter und entpacken es nach \/usr\/share\/snmp\/mibs\/. Nun muss die MIB Datei noch f\u00fcr SNMPTT konvertiert werden.<\/p>\n\n\n\n\n\n
snmpttconvertmib --in=\/usr\/share\/snmp\/mibs\/BRIDGE-MIB.my --out=\/etc\/snmp\/snmptt.conf<\/code><\/pre>\n\n\n\n\n\n
Jetzt werden die Inhalte in der \/etc\/snmp\/snmptt.conf angepasst, sodass die entsprechende Message an Icinga2 \u00fcbergeben werden kann.<\/p>\n\n\n\n\n\n
EVENT topologyChange .1.3.6.1.2.1.17.0.2 \"Status Events\" Normal\nFORMAT A topologyChange trap is sent by a bridge when any of $*\nEXEC echo \"[$@] PROCESS_SERVICE_CHECK_RESULT;$A;Traps;1;Spanning-Tree Topology Change.\" >> \/var\/run\/icinga2\/cmd\/icinga2.cmd<\/strong>\nSDESC\nA topologyChange trap is sent by a bridge when any of\nits configured ports transitions from the Learning state\nto the Forwarding state, or from the Forwarding state to\nthe Blocking state.  The trap is not sent if a newRoot\ntrap is sent for the same transition.  Implementation of\nthis trap is optional.\nVariables:\nEDESC<\/code><\/pre>\n\n\n\n\n\n
Damit Icinga2 die Meldungen zuordnen kann, wird diese aus der Kombination Hostname + Checkname gebildet. <\/p>\n\n\n\n\n\n
Traps - Ist der Check-Bezeichner<\/p>\n\n\n","protected":false},"excerpt":{"rendered":"
Bestimmte Checks lassen sich am besten \u00fcber Traps verarbeiten. Je nach konfiguriertem Zeitintervall eines aktiven Checks, bekommen wir mit was gerade passiert oder eben auch nicht. Es ist also ein Gl\u00fccksspiel. Was w\u00e4re also wenn der Switch von sich aus aufmerksam machen w\u00fcrde, dass sich die Spanning-Tree Topology gerade ge\u00e4ndert hat, oder das eine neue […]<\/p>","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[9],"tags":[],"class_list":["post-199","post","type-post","status-publish","format-standard","hentry","category-icinga"],"_links":{"self":[{"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=\/wp\/v2\/posts\/199","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=199"}],"version-history":[{"count":10,"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=\/wp\/v2\/posts\/199\/revisions"}],"predecessor-version":[{"id":212,"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=\/wp\/v2\/posts\/199\/revisions\/212"}],"wp:attachment":[{"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=199"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=199"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=199"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}