Dalam NMS (Network Monitoring System) metode untuk menerima SNMP Traps adalah metode yang terbalik dengan query SNMP-Enabled ke device tujuan. Dalam kasus SNMP Traps, informasi di SNMP-Enabled device dikirim dan dianalisa di server NMS (Dalam tutorial ini NMS yang dimaksud ialah Zabbix). Biasanya Traps dikirim ke port 162 di NMS.
Notes
- Tutorial ini dengan asumsi bahwa zabbix sudah di install di tempat Anda. Untuk tutorial Zabbix bisa liat di link ini Installasi Zabbix di CentOS.
- Selinux disabled.
Dibawah ini langkah-langkah untuk konfigurasinya.
1. Apabila CentOS Anda Mengaktifkan IPTables, Allow Port UDP 162
[root@localhost ~]# vi /etc/sysconfig/iptables:
###tambahkan line dibawah ini
-A INPUT -p udp -m udp --dport 162 -j ACCEPT
###Lalu restart service iptables
[root@localhost ~]# /etc/init.d/iptables restart
2. Setting Zabbix Agar Dapat Menerima SNMP Traps Menggunakan zabbix_trap_receiver.pl
[root@localhost ~]# yum install -y net-snmp-utils net-snmp-perl
Download zabbix_trap_receiver.pl di URL ini -> https://github.com/miraclelinux/MIRACLE-ZBX-2.0.3-NoSQL/blob/master/misc/snmptrap/zabbix_trap_receiver.pl
Isi dari script perl tersebut kurang lebih seperti dibawah ini.
[root@localhost ~]# cat /usr/bin/zabbix_trap_receiver.pl
#!/usr/bin/perl
#
# Zabbix
# Copyright (C) 2001-2014 Zabbix SIA
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
#########################################
#### ABOUT ZABBIX SNMP TRAP RECEIVER ####
#########################################
# This is an embedded perl SNMP trapper receiver designed for sending data to the server.
# The receiver will pass the received SNMP traps to Zabbix server or proxy running on the
# same machine. Please configure the server/proxy accordingly.
#
# Read more about using embedded perl with Net-SNMP:
# http://net-snmp.sourceforge.net/wiki/index.php/Tut:Extending_snmpd_using_perl
#################################################
#### ZABBIX SNMP TRAP RECEIVER CONFIGURATION ####
#################################################
### Option: SNMPTrapperFile
# Temporary file used for passing data to the server (or proxy). Must be the same
# as in the server (or proxy) configuration file.
#
# Mandatory: yes
# Default:
$SNMPTrapperFile = '/tmp/zabbix_traps.tmp';
### Option: DateTimeFormat
# The date time format in strftime() format. Please make sure to have a corresponding
# log time format for the SNMP trap items.
#
# Mandatory: yes
# Default:
$DateTimeFormat = '%H:%M:%S %Y/%m/%d';
###################################
#### ZABBIX SNMP TRAP RECEIVER ####
###################################
use Fcntl qw(O_WRONLY O_APPEND O_CREAT);
use POSIX qw(strftime);
sub zabbix_receiver
{
my (%pdu_info) = %{$_[0]};
my (@varbinds) = @{$_[1]};
# open the output file
unless (sysopen(OUTPUT_FILE, $SNMPTrapperFile, O_WRONLY|O_APPEND|O_CREAT, 0666))
{
print STDERR "Cannot open [$SNMPTrapperFile]: $!\n";
return NETSNMPTRAPD_HANDLER_FAIL;
}
# get the host name
my $hostname = $pdu_info{'receivedfrom'} || 'unknown';
if ($hostname ne 'unknown') {
$hostname =~ /\[(.*?)\].*/; # format: "UDP: [127.0.0.1]:41070->[127.0.0.1]"
$hostname = $1 || 'unknown';
}
# print trap header
# timestamp must be placed at the beggining of the first line (can be omitted)
# the first line must include the header "ZBXTRAP [IP/DNS address] "
# * IP/DNS address is the used to find the corresponding SNMP trap items
# * this header will be cut during processing (will not appear in the item value)
printf OUTPUT_FILE "%s ZBXTRAP %s\n", strftime($DateTimeFormat, localtime), $hostname;
# print the PDU info
print OUTPUT_FILE "PDU INFO:\n";
foreach my $key(keys(%pdu_info))
{
printf OUTPUT_FILE " %-30s %s\n", $key, $pdu_info{$key};
}
# print the variable bindings:
print OUTPUT_FILE "VARBINDS:\n";
foreach my $x (@varbinds)
{
printf OUTPUT_FILE " %-30s type=%-2d value=%s\n", $x->[0], $x->[2], $x->[1];
}
close (OUTPUT_FILE);
return NETSNMPTRAPD_HANDLER_OK;
}
NetSNMP::TrapReceiver::register("all", \&zabbix_receiver) or
die "failed to register Zabbix SNMP trap receiver\n";
print STDOUT "Loaded Zabbix SNMP trap receiver\n";
3. Copy Script Perl tersebut ke /usr/bin
[root@localhost ~]# cp zabbix_trap_receiver.pl /usr/bin
[root@localhost ~]# chmod +x /usr/bin/zabbix_trap_receiver.pl
4. Update snmptrad.conf
[root@localhost ~]# vi /etc/snmp/snmptrapd.conf
### tambahkan line dibawah ini
authCommunity execute public
perl do "/usr/bin/zabbix_trap_receiver.pl";
5. Enable Zabbix SNMP Trapper
[root@localhost ~]# vi /etc/zabbix/zabbix_server.conf
### Enable SNMP Trap di Zabbix Server
StartSNMPTrapper=1
### Konfigurasi SNMPTrapperFile harus sama dengan yang ada di zabbix_trap_receiver.pl file.
SNMPTrapperFile=/tmp/zabbix_traps.tmp
Setelah selesai save & quit, lalu restart zabbix server services.
[root@localhost ~]# /etc/init.d/zabbix_server restart
Notes :
- Untuk cek SNMPTrapperFile di zabbix_trap_receiver.pl dapat gunakan command ini, pastikan outputnya sama dengan di zabbix_server.conf
[root@localhost ~]# cat /usr/bin/zabbix_trap_receiver.pl | grep \$SNMPTrapperFile\ =
$SNMPTrapperFile = '/tmp/zabbix_traps.tmp'; - [root@localhost ~]# cat /usr/local/etc/zabbix_server.conf | grep SNMPTrapperFile
- SNMPTrapperFile=/tmp/zabbix_traps.tmp
6. Setting snmptrad Agar Start on Reboot
[root@localhost ~]# chkconfig snmptrapd on
[root@localhost ~]# /etc/init.d/snmptrapd restart
7. Enable SNMP Trap Transmission File Rotation
[root@localhost ~]# mkdir -p /var/log/zabbix_traps_archive
[root@localhost ~]# chmod 777 /var/log/zabbix_traps_archive
Lalu tambahkan script dibawah ini untuk rotasi log di file /etc/logrotate.d/zabbix_traps.
/tmp/zabbix_traps.tmp {
weekly
size 10M
compress
compresscmd /usr/bin/bzip2
compressoptions -9
notifempty
dateext
dateformat -%Y%m%d
missingok
olddir /var/log/zabbix_traps_archive
maxage 365
rotate 10
}
8. Testing Send Traps
Langkah terakhir ialah send traps ke NMS atau localhost untuk memastikan bahwa NMS Zabbix yang kita configure dapat menerima traps dari device lain.
Gunakan Command Dibawah ini Untuk Sendtraps:
[root@localhost ~]# snmptrap -v 1 -c public 127.0.0.1 '.1.3.6.1.6.3.1.1.5.4' '0.0.0.0' 6 33 '55' \ .1.3.6.1.6.3.1.1.5.4 s "eth0"
Lalu cek di file /tmp/zabbix_trapper.tmp
[root@localhost ~]# cat /tmp/zabbix_traps.tmp
PDU INFO:
notificationtype TRAP
version 0
receivedfrom UDP: [127.0.0.1]:33161->[127.0.0.1]
errorstatus 0
messageid 0
community public
transactionid 1
errorindex 0
requestid 0
VARBINDS:
iso.3.6.1.2.1.1.3.0 type=67 value=Timeticks: (55) 0:00:00.55
iso.3.6.1.6.3.1.1.4.1.0 type=6 value=OID: iso.3.6.1.6.3.1.1.5.4.0.33
iso.3.6.1.6.3.1.1.5.4 type=4 value=STRING: "eth0"
iso.3.6.1.6.3.18.1.4.0 type=4 value=STRING: "public"
iso.3.6.1.6.3.1.1.4.3.0 type=6 value=OID: iso.3.6.1.6.3.1.1.5.4
Apabila output diatas sudah sesuai berarti konfigurasi SNMP Trapper sudah berhasil. Untuk contoh SNMP Trap di device Cisco yang dikirim ke NMS Zabbix bisa liat tutorial ini Konfigurasi IPSLA di Router Cisco dan Send SNMP Trap ke Zabbix NMS.
Done...............