As well as receiving SNMP traps in Nagios, you can send SNMP traps from Nagios to a remote SNMP management station like HP OpenView (NNM) or the like. The easiest way to do this is to create a notification command that generates an SNMP trap. This way, you can use an SNMP management station as a notification destination. This will mean that the trap will be sent every time a notification is scheduled.
net-snmp, net-snmp-utils should be installed on Monitoring host running Nagios
Connectivity between management station and nagios has been stablished and nagios can connect and send snmptraps to snmptrap 162/udp port on management station.
1. First of all define notification command, below is the commands for service and hosts in commands.cfg
# 'send-service-trap' command definition
define command{
command_name send-service-trap
command_line /usr/local/bin/send-service-trap manager public '$HOSTNAME$' '$SERVICEDESC$' $SERVICESTATEID$ '$SERVICEOUTPUT$'
}
# 'send-host-trap' command definition
define command{
command_name send-host-trap
command_line /usr/local/bin/send-host-trap manager public '$HOSTNAME$' $HOSTSTATEID$ '$HOSTOUTPUT$'
}
Both the commands call the shell scripts send-service-trap and send-host-trap in /usr/local/bin/. Passing the hostname or IP address of the destination management station and the target community string, manager and public, respectively.
A number of macros are also passed to the shell script representing the hostname, the service description, the service/host state in numeric form, and the output of the host/service check.
The snmptrap tool generates SNMP traps and can send them to remote management stations. The traps are generated according to a Nagios
MIB available from the same Sourceforge project as the Nagios plug-ins. You can download the MIB from http://prdownloads.sourceforge.net/nagiosplug/nagiosmib-1.0.0.tar.gz?download.
The package contains two MIB files: a root MIB file containing basic definitions for Nagios OIDs called NAGIOS-ROOT-MIB and an MIB containing events and traps called NAGIOS-NOTIFY-MIB. You will need to install both MIB files into your SNMP management device; for example, if your trap daemon is the snmptrapd daemon, you would generally copy these files to the /usr/share/snmp/mibs directory. When you start the snmptrapd daemon, you load the MIB files using the -m
and -M options:
Also copy the MIBs files on localhost where Nagios is running under snmp/mibs
/usr/sbin/snmptrapd -m ALL -M /usr/share/snmp/mibs -Lf /var/log/snmptrapd.log
Tip: There is an excellent HOWTO on how to use snmptrap to send traps here.
Note: Your own SNMP management station, such as HP OpenView or the like, will have its own method of loading MIB files. You should refer to its documentation for that.
2. Define a contact for Management station
Need to define a contact for management station in the same way we create for other contact person, to receive SNMP traps from Nagios whereever Nagios send notificaiton for host/service
define contact{
contact_name managementstation
use generic-contact
alias Management Station
service_notification_options w,u,c,r
host_notification_options d,u,r
service_notification_commands send-service-trap
host_notification_commands send-host-trap
}
3. Add the new conatct to contactgroup for hosts/services for which you want to send SNMP traps
define contactgroup{
contactgroup_name linuxadmins
alias Linux Servers Administrators
members me, managementstation
}
Now whenever there is a alert for linux servers Nagios will notify contact 'managementstation' which in turn call the commands send-service-trap/send-host-trap accordingly depends on host or service alert.
4. send-service-trap/send-host-trap Shell Script
/usr/local/bin/send-service-trap
# Arguments:
# $1 = Management Station
# $2 = Community String
# $3 = host_name
# $4 = service_description (Description of the service)
# $5 = return_code (An integer that determines the state
# of the service check, 0=OK, 1=WARNING, 2=CRITICAL,
# 3=UNKNOWN).
# $6 = plugin_output (A text string that should be used
# as the plugin output for the service check)
#
#
/usr/bin/snmptrap -v 2c -c $2 $1 ' NAGIOS-NOTIFY-MIB::nSvcEvent nSvcHostname s '$3' nSvcDesc s '$4' nSvcStateID i $5 nSvcOutput s '$6'
/usr/local/bin/send-host-trap
# Arguments:
# $1 = Management Station
# $2 = Community String
# $3 = host_name
# $4 = HostStatID A number that corresponds to the current state of the host: 0=UP, 1=DOWN, 2=UNREACHABLE.
# $5 = HOSTOUTPUT The first line of text output from the last host check (i.e. 'Ping OK').
#
#
/usr/bin/snmptrap -v 2c -c $2 $1 ' NAGIOS-NOTIFY-MIB::nHostEvent nHostname s '$3' nHostStateID i $4 nHostOutput s '$5'
The shell script receives all the incoming variables and passes them to the snmptrap command
-v = snmp version
-c = community string
$1 = Management Station IP address or hostname
The next two single quotes are special characters representing the uptime portion of a trap. They will be replaced with the current uptime of the system generating the trap when the snmptrap command is executed.
The enterprise OID is specified next; in this case it is NAGIOS-NOTIFY-MIB::nSvcEvent and NAGIOS-NOTIFY-MIB::nHostEvent. The NAGIOS-NOTIFY-MIB is the name of the MIB module being referenced, and the nSvcEvent/nHostEvent is the trap defined for sending service events. Together these form the enterprise OID.
Next specified a list of individual OIDs and their variables that I’m passing as part of the trap. They are, in order, the hostname, the service description, the host/service status ID in numerical form, and the output of the host/service check.
Enclosing the values ones that might contain multiword data in quotation marks so that they are passed cleanly to the command.
Tip: You can find these and other OIDs that you can use with the traps and notifications defined in the NAGIOS-ROOT-MIB and NAGIOS-NOTIFY-MIB MIB files.
Jun 04, 2014 After months of development, Nagios SNMP Trap Interface (NSTI) version 3.0 is officially released and available for download.NSTI 3.0 provides users with an updated UI theme that is modern, and easy to navigate and interpret. The latest version of NSTI also contains a number of major functionality enhancements including the ability to filter, search, and organize SNMP traps based on a.
Prerequisites:net-snmp, net-snmp-utils should be installed on Monitoring host running Nagios
Connectivity between management station and nagios has been stablished and nagios can connect and send snmptraps to snmptrap 162/udp port on management station.
1. First of all define notification command, below is the commands for service and hosts in commands.cfg
# 'send-service-trap' command definition
define command{
command_name send-service-trap
command_line /usr/local/bin/send-service-trap manager public '$HOSTNAME$' '$SERVICEDESC$' $SERVICESTATEID$ '$SERVICEOUTPUT$'
}
# 'send-host-trap' command definition
define command{
command_name send-host-trap
command_line /usr/local/bin/send-host-trap manager public '$HOSTNAME$' $HOSTSTATEID$ '$HOSTOUTPUT$'
}
Both the commands call the shell scripts send-service-trap and send-host-trap in /usr/local/bin/. Passing the hostname or IP address of the destination management station and the target community string, manager and public, respectively.
A number of macros are also passed to the shell script representing the hostname, the service description, the service/host state in numeric form, and the output of the host/service check.
The snmptrap tool generates SNMP traps and can send them to remote management stations. The traps are generated according to a Nagios
MIB available from the same Sourceforge project as the Nagios plug-ins. You can download the MIB from http://prdownloads.sourceforge.net/nagiosplug/nagiosmib-1.0.0.tar.gz?download.
The package contains two MIB files: a root MIB file containing basic definitions for Nagios OIDs called NAGIOS-ROOT-MIB and an MIB containing events and traps called NAGIOS-NOTIFY-MIB. You will need to install both MIB files into your SNMP management device; for example, if your trap daemon is the snmptrapd daemon, you would generally copy these files to the /usr/share/snmp/mibs directory. When you start the snmptrapd daemon, you load the MIB files using the -m
and -M options:
Also copy the MIBs files on localhost where Nagios is running under snmp/mibs
/usr/sbin/snmptrapd -m ALL -M /usr/share/snmp/mibs -Lf /var/log/snmptrapd.log
Tip: There is an excellent HOWTO on how to use snmptrap to send traps here.
Note: Your own SNMP management station, such as HP OpenView or the like, will have its own method of loading MIB files. You should refer to its documentation for that.
2. Define a contact for Management station
Need to define a contact for management station in the same way we create for other contact person, to receive SNMP traps from Nagios whereever Nagios send notificaiton for host/service
define contact{
contact_name managementstation
use generic-contact
alias Management Station
service_notification_options w,u,c,r
host_notification_options d,u,r
service_notification_commands send-service-trap
host_notification_commands send-host-trap
}
3. Add the new conatct to contactgroup for hosts/services for which you want to send SNMP traps
define contactgroup{
contactgroup_name linuxadmins
alias Linux Servers Administrators
members me, managementstation
}
Now whenever there is a alert for linux servers Nagios will notify contact 'managementstation' which in turn call the commands send-service-trap/send-host-trap accordingly depends on host or service alert.
4. send-service-trap/send-host-trap Shell Script
/usr/local/bin/send-service-trap
# Arguments:
# $1 = Management Station
# $2 = Community String
# $3 = host_name
# $4 = service_description (Description of the service)
# $5 = return_code (An integer that determines the state
# of the service check, 0=OK, 1=WARNING, 2=CRITICAL,
# 3=UNKNOWN).
# $6 = plugin_output (A text string that should be used
# as the plugin output for the service check)
#
#
/usr/bin/snmptrap -v 2c -c $2 $1 ' NAGIOS-NOTIFY-MIB::nSvcEvent nSvcHostname s '$3' nSvcDesc s '$4' nSvcStateID i $5 nSvcOutput s '$6'
/usr/local/bin/send-host-trap
# Arguments:
# $1 = Management Station
# $2 = Community String
# $3 = host_name
# $4 = HostStatID A number that corresponds to the current state of the host: 0=UP, 1=DOWN, 2=UNREACHABLE.
# $5 = HOSTOUTPUT The first line of text output from the last host check (i.e. 'Ping OK').
#
#
/usr/bin/snmptrap -v 2c -c $2 $1 ' NAGIOS-NOTIFY-MIB::nHostEvent nHostname s '$3' nHostStateID i $4 nHostOutput s '$5'
The shell script receives all the incoming variables and passes them to the snmptrap command
-v = snmp version
-c = community string
$1 = Management Station IP address or hostname
The next two single quotes are special characters representing the uptime portion of a trap. They will be replaced with the current uptime of the system generating the trap when the snmptrap command is executed.
The enterprise OID is specified next; in this case it is NAGIOS-NOTIFY-MIB::nSvcEvent and NAGIOS-NOTIFY-MIB::nHostEvent. The NAGIOS-NOTIFY-MIB is the name of the MIB module being referenced, and the nSvcEvent/nHostEvent is the trap defined for sending service events. Together these form the enterprise OID.
Next specified a list of individual OIDs and their variables that I’m passing as part of the trap. They are, in order, the hostname, the service description, the host/service status ID in numerical form, and the output of the host/service check.
Enclosing the values ones that might contain multiword data in quotation marks so that they are passed cleanly to the command.
Tip: You can find these and other OIDs that you can use with the traps and notifications defined in the NAGIOS-ROOT-MIB and NAGIOS-NOTIFY-MIB MIB files.
Overview
This KB article explains how to configure Nagios XI to receive SNMP traps from Nagios Network Analyzer (NNA).
It is assumed that Nagios XI is already configured to receive SNMP traps, if it is not please follow the steps in this documentation:
Nagios XI - Configure Traps
To receive the traps from NNA you need to import the traps definitions into the /etc/snmp/snmptt.conf file using this command:
Next you will update the trap EXEC line and replace '$s' with '$3' to allow the correct numeric service state to be passed through to Nagios XI.
Edit the /etc/snmp/snmptt.conf file using the vi text editor:
When using the vi editor, to make changes press i on the keyboard first to enter insert mode. Press Esc to exit insert mode.
Find the following EVENT line:
In the EXEC line change '$s' to '$3' as per:
From:
To:
The change should look like:
When you have finished, save the changes in vi by typing :wq and pressing Enter.
Now restart the snmptt service:
The file /usr/local/bin/snmptraphandling.py also needs to be updated to allow numeric states.
Edit the /usr/local/bin/snmptraphandling.py file using the vi text editor:
Find this section:
Change it to:
You can see these lines were added:
When you have finished, save the changes in vi by typing :wq and pressing Enter.
NNA - Define SNMP Receivers
Before you can define an alert to be sent via SNMP we need to define an SNMP receiver to sent the traps to.
Login to NNA and navigate to the Alerting menu.
Click the SNMP Receivers tab
Click the New SNMP Receiver button
Name: XI Server
IP Address: IP Address of Nagios XI server
Port: 162
SNMP Version: 2c
Community String: public
By default Nagios XI does not require a community string for SNMP v2c traps
Click the Finish & Save button
Nagios NA - Create Alert Check
Now you need to define a check that will trigger an SNMP Trap to be sent to Nagios XI. In this example it will send an SNMP Trap if the source port has no data. This might seem like a strange check to create however for the purposes of testing and demonstrating this allows us to make it work almost instantly.
Login to NNA and navigate to the Alerting menu.
Click the Checks tab
Click the New Check button
Name: Source Has Data
Source & View: Select the Source and View(if required) to run the check against
Click the Step Two button
Analyze traffic for: Bytes
Warning threshold is: :0
Critical threshold is: :0
Where The: Source Port is 5050
Click the Step Three button
Click the SNMP Traps tab
Select XI Server from the list
Click the Finish & Save button
Nagios XI - Check Logs & Unconfigured Objects
Now that you have created the check in NNA, within five minutes a SNMP trap will be received by the Nagios XI server. This can be observed by watching the snmptt.log file in an ssh session:
The trap will be logged similar to the following:
When the trap is received by Nagios XI it will be an unconfigured object first.
Log into your Nagios XI web interface.
Navigate to Admin > Monitoring Config > Unconfigured Objects
You'll see the NNA host in the list with the SNMP Traps service.
To add it as a service:
Click the check box next to the host
Next to With Selected click the gear icon (Configure)
The Unconfigured Passive Object wizard will start
Step through the wizard and make any changes required
Once the Wizard is finished there will now be a host and service object created
Within five minutes of adding the SNMP Traps service you will see it update with the data from the received trap.
Final Thoughts
For any support related questions please visit the Nagios Support Forums at: