Library

Docs
Beta

Products

Adding MATCH Statements in the SNMP Trap InterfaceAutomatic Agent DeploymentAutomatic Nagios Core Migration to Nagios XIHow To Add A New User In Nagios XIHow To Configure Contact Groups in Nagios XIHow To Customize Your Dashboards With Dashlets In Nagios XIHow To Install Nagios XI via SourceHow To Manage MIBs In Nagios XIHow To Monitor A Gateway Switch With Nagios XIHow To Monitor A System Using SSHHow To Monitor DNS Servers and Queries with Nagios XIHow To Monitor Printers with Nagios XIHow To Monitor Security Cameras using Nagios XIHow To Monitor Websites with Nagios XIHow To Monitor Windows Machines With NCPA In Nagios XIHow To Monitor Windows Using SNMP In Nagios XIHow To Monitor Windows Using WinRMHow To Monitor your Mac OS/X devices using Nagios XIHow To Perform Nagios XI Landing Page CustomizationHow To Repair Crashed DatabasesHow To Select The Right Nagios XI Download For Your EnvironmentHow To Use Capacity PlanningHow To Use Scheduled ReportsHow To View The Latest Alerts In Nagios XIHow To configure Email Notifications in Nagios XIHow To configure Nagios XI to support Multi TenancyHow To configure your Timezone in Nagios XIHow To evaluate Nagios XI using -Hyper VHow To install Nagios XI in AWSHow To install Nagios XI using ESXiHow To install Nagios XI using Hyper VHow To install Nagios XI using VMware WorkstationHow To install Nagios XI using VMwareHow To install additional Configuration Wizards in Nagios XIHow To integrate Slack with Nagios XI 2024How To transfer Nagios XI from CentOS 7 to CentOS 9How To understand Users and Contacts in Nagios XIHow To update/upgrade Nagios XIHow To use Auto Discovery to setup host and service checks in XIHow To use Bulk Host Cloning and the Import WizardHow To use Business Process Intelligence (BPI)How To use Dashboards in Nagios XIHow To use Hypermap in Nagios XIHow To use Minemap MonitoringHow To use Nagios XI to Monitor Active DirectoryHow To use Tactical Overview in Nagios XIHow To utilize Reports and Graphs in Nagios XIHow To utilize Standard Edition (SE) ReportsHow to Agentless Monitor a Windows Machine with Nagios XIHow to Configure Contacts in Nagios XIHow to Use Custom Includes Component in Nagios XIInstalling on Non Standard SystemsManaging Contact TemplatesManaging Host TemplatesManaging Service TemplatesMigrating Nagios XI to a different ServerMonitoring Amazon EC2Monitoring Linux using NCPAMonitoring Office 365 Subscription ServicesMonitoring WebLogic on WindowsMonitoring Windows using NCPANagios Integrating MNTOSNagios XI 10,000 Services and growing NWC14Nagios XI API’s NWC13Nagios XI Accessing And Utilizing The Core Config ManagerNagios XI Activating Your LicenseNagios XI Add NagVis Map To A ViewNagios XI Adding And Removing A Host Using The APINagios XI Adding And Removing A Service Using The APINagios XI Adding Services To Pre existing Switch or RouterNagios XI Adding Windows Disk Usage Checks In XINagios XI Admin TourNagios XI Administrative User AccountsNagios XI Administrator GuideNagios XI Advanced Features of Nagios XI NWC14Nagios XI Ansible TutorialNagios XI Architecture OverviewNagios XI Audit LogNagios XI Automated Host Management In Nagios XINagios XI BPI XML CacheNagios XI Backend APINagios XI Backing Up And Restoring Your Nagios XI SystemNagios XI Backup and Restore OptionsNagios XI Bandwidth Graphs Showing 0Mb/s in Non English SystemsNagios XI Best Practices NWC15Nagios XI Best Practices for Managing ConfigsNagios XI Business Process IntegrationNagios XI Changing Host Alive CheckNagios XI Changing The Check Interval Of A ServiceNagios XI Changing The System TimeNagios XI Check Interval ConsiderationsNagios XI Checking Program Loadtime With autoIT in Nagios XINagios XI Cleaner Cron ArchitecureNagios XI Cloning UsersNagios XI Command Subsystem ArchitectureNagios XI Configuration Wizards and TemplatesNagios XI Configure PHP Development EnvironmentNagios XI Configuring Core Contacts to Use XI’s phpmailer SMTP SettingsNagios XI Configuring DowntimeNagios XI Configuring FTP For NSClient++ DeploymentNagios XI Configuring Global Event HandlersNagios XI Configuring Inbound ChecksNagios XI Configuring NSClient++Nagios XI Configuring Notification PreferencesNagios XI Configuring Outbound ChecksNagios XI Configuring Passive Services With Nagios XINagios XI Configuring SSL for Nagios XINagios XI Connecting To Your Email ServerNagios XI Conversion for VirtualBoxNagios XI Cool Tips & Tricks NWC14Nagios XI Core Config Manager Bulk Modification ToolNagios XI Core Config Manager Bulk Renaming ToolNagios XI Core Config Manager Configuration SnapshotsNagios XI Core Config Manager Escalation WizardNagios XI Core Config Manager Host GroupsNagios XI Core Config Manager How It WorksNagios XI Core Config Manager Service GroupsNagios XI Core Configuration Mananger Display IssuesNagios XI Core Configuration Mananger Mass ChangesNagios XI Create Actions URL Link In Quick Actions MenuNagios XI Create Host And Service URLs With FiltersNagios XI Creating Nagios XI WizardsNagios XI Cron JobsNagios XI Custom Wizards, Components and Dashlets NWC12Nagios XI Customizing The Landing PageNagios XI DB Maintenance ArchitectureNagios XI Database OptimizationNagios XI Display All Scheduled ReportsNagios XI Distributed Monitoring With NRDPNagios XI Downgrading Nagios CoreNagios XI Downloading A System ProfileNagios XI Email Notifications With ColorNagios XI Enabling Ping ActionNagios XI Enterprise Edition ReportsNagios XI Event Manager ArchitectureNagios XI Excluding Hosts And HostgroupsNagios XI Exploring the Graph ExplorerNagios XI Exporting the Config DatabaseNagios XI Folder Watch WizardNagios XI Gauges Understanding ThresholdsNagios XI Generating GraphsNagios XI Generating Reports With Nagios XINagios XI Google Map IntegrationNagios XI Group Deployment of Service Checks NWC15Nagios XI GroupsNagios XI Host and Service Details OverviewNagios XI Hostgroup InheritanceNagios XI How SNMP Traps WorkNagios XI How SNMP Works A Quick GuideNagios XI How To Achieve High AvailabilityNagios XI How To Apply Configuration Using The APINagios XI How To Check For Windows Updates With Nagios XINagios XI How To Create A Virtual Instance In The Amazon EC2 Cloud EnvironmentNagios XI How To Delete A Data Source From An RRD FileNagios XI How To Install On Windows Using Hyper VNagios XI How To Install On Windows Using VMwareNagios XI How To Install On Windows Using vSphereNagios XI How To Monitor A Websensor EM08Nagios XI How To Monitor Apache ActiveMQ With Nagios XINagios XI How To Monitor Apache TomcatNagios XI How To Monitor Devices Using The NCPA Agent and WizardNagios XI How To Monitor Docker ContainersNagios XI How To Monitor GlassFishNagios XI How To Monitor JBoss/WildFlyNagios XI How To Monitor JMX With Nagios XINagios XI How To Monitor Jetty JMXNagios XI How To Monitor WebLogicNagios XI How To Monitor Website Defacement With Nagios XINagios XI How To Select A DownloadNagios XI How To Test Check Commands From The Command lineNagios XI How To Use CA Certificates With check_ldaps PluginNagios XI How To Use Capacity PlanningNagios XI How To Use Deadpool In Nagios XINagios XI How To Use The Actions ComponentNagios XI How To Use The Bulk Host Cloning & Import WizardNagios XI How To Write Custom ComponentsNagios XI How XI WorksNagios XI How to Authenticate and Import -Users with Active DirectoryNagios XI How to Change Default PasswordsNagios XI How to Configure Email And Text NotificationsNagios XI How to Generate SLA ReportsNagios XI How to Install & Configure the Oracle Client & PluginsNagios XI How to Integrate SNMP Traps With Nagios XINagios XI How to Integrate the Bischeck Plugin Extension with Nagios XINagios XI How to Manage Remote Nagios XI ServersNagios XI How to Manually Update Nagios XINagios XI How to Monitor Apache Cassandra Distributed DatabasesNagios XI How to Monitor an AKCP SensorProbe2 using SNMPNagios XI How to Restart A Windows Service With NRPENagios XI How to Upgrade Using the Web UINagios XI How to Use the NSCA AddonNagios XI Importing Config Files From Nagios Core into Nagios XINagios XI Importing Nagios XI into Microsoft Hyper VNagios XI Inbound Email CommandsNagios XI Installing NSClient++Nagios XI License EntitlementsNagios XI Integrating Mod Gearman With Nagios XINagios XI Integrating Mod_Security With Nagios XINagios XI Integrating NagVis With Nagios XINagios XI Integrating On Call Schedules with Nagios NWC13Nagios XI Integrating PuTTY SSH LinksNagios XI Integrating Slack With Nagios XINagios XI Integrating autoIT With NagiosNagios XI Introduction Getting Started with Nagios XI NWC14Nagios XI Introduction to Event HandlersNagios XI JavaScript and jQuery Tips, Tricks and How To NWC14Nagios XI Leveraging and Understanding Performance Data and Graphs NWC13Nagios XI License Maintenance Status CheckNagios XI Link Directly to Graph Explorer GraphsNagios XI Log Locations and DescriptionsNagios XI Log Monitoring with SwatchNagios XI Log Server Integration WizardNagios XI Logging InNagios XI MRTG Clean ConfigsNagios XI Macros and Custom Object VariablesNagios XI Manage MIBs ArchitectureNagios XI Managing ComponentsNagios XI Managing Mobile CarriersNagios XI Managing Plugins In Nagios XINagios XI Managing UsersNagios XI Manual Backup And Restore DatabasesNagios XI Manual Config File ManagementNagios XI Mass Acknowledgement in Nagios XI 2024Nagios XI Mass Delete Old RRD FilesNagios XI Maximizing Performance In Nagios XINagios XI Migrate Performance DataNagios XI Migrating From Nagios CoreNagios XI Mobile User InterfaceNagios XI Mod Gearman Queues and WorkersNagios XI Modifying The Contents Of /usr/local/nagios/etcNagios XI Monitor Active Directory with LDAPNagios XI Monitoring A MySQL ServerNagios XI Monitoring A Nagios XI ServerNagios XI Monitoring A Router Or SwitchNagios XI Monitoring A Website URLNagios XI Monitoring A Windows DesktopNagios XI Monitoring AIX With NagiosNagios XI Monitoring An FTP ServerNagios XI Monitoring An LDAP ServerNagios XI Monitoring Apache Tomcat With XINagios XI Monitoring DNS QueriesNagios XI Monitoring Hosts Using NRPE and NRPE Monitoring WizardNagios XI Monitoring Hosts Using SSHNagios XI Monitoring Linux ServersNagios XI Monitoring Linux Using NRPE and Linux Server Monitoring WizardNagios XI Monitoring Linux Using SNMPNagios XI Monitoring Microsoft SQLNagios XI Monitoring MongoDBNagios XI Monitoring OS/X with Nagios XINagios XI Monitoring Performance Counters in Nagios Using NCPANagios XI Monitoring Performance Counters in Nagios Using NSClient++Nagios XI Monitoring TCP/UDP PortsNagios XI Monitoring Unconfigured ObjectsNagios XI Monitoring Using the Full Power of Nagios XI Enterprise NWC15Nagios XI Monitoring VMware Virtualization Using vMA NWC14Nagios XI Monitoring VMware With Nagios XINagios XI Monitoring Websites With Nagios XINagios XI Monitoring Windows ServersNagios XI Monitoring Windows Using NSClient++Nagios XI Monitoring Windows With NCPANagios XI Monitoring Windows With SNMPNagios XI Monitoring the Nagios XI localhostNagios XI Moving Your XI InstallationNagios XI Multi Tech iSMS IntegrationNagios XI MultiTech MTR API IntegrationNagios XI MySQL/MariaDB Max ConnectionsNagios XI NSP Sorry Dave, I can’t let you do thatNagios XI Nagios AgentsNagios XI Nagios Network Analyzer Reports In XINagios XI Nagios Rapid Deployment Options NWC14Nagios XI Navigating The Nagios XI DashboardNagios XI Network Status Map Customization (Legacy)Nagios XI Network Status Map CustomizationNagios XI Non Administrative UsersNagios XI Offloading MySQL to Remote ServerNagios XI Optimizing The PHP Settings FileNagios XI Overview of ReportingNagios XI Passive Monitoring With NRDS_WinNagios XI Passive Monitoring with NRDSNagios XI Performance Data ArchitectureNagios XI Performance Data AveragingNagios XI Performance Graphs & Graph ExplorerNagios XI Ports And ProtocolsNagios XI Receiving SNMP Traps From Nagios Network AnalyzerNagios XI Recurring Downtime SystemNagios XI Redundancy And Security PlanningNagios XI Removing All Historical DataNagios XI Restarting A Linux Service With NRPENagios XI Restarting Linux Services With NCPANagios XI Restarting Windows Services With NCPANagios XI Restoring A Configuration SnapshotNagios XI Restoring Default ConfigurationNagios XI Running Auto Discovery JobsNagios XI SNMP Monitoring SeriesNagios XI SNMP Trap HardeningNagios XI SNMP Trap TutorialNagios XI SNMP Trap v3 ConfigurationNagios XI SNMP Traps with NXTINagios XI STRICT_TRANS_TABLESNagios XI Scheduled Backup Log LevelNagios XI Scheduling Reports and PagesNagios XI Scheduling ReportsNagios XI Securing Your Nagios Server NWC13Nagios XI Sending SNMP TrapsNagios XI Service DependenciesNagios XI Setup Nagios XI to Send SMS AlertsNagios XI Should You Change RRD Retention PeriodsNagios XI Solaris Monitoring OptionsNagios XI Special CharactersNagios XI Standard Edition ReportsNagios XI Switch and Router Wizard ArchitectureNagios XI System RequirementsNagios XI Terminology OverviewNagios XI Two Factor AuthenticationNagios XI Under the Hood NWC15Nagios XI Understanding And Using Configuration WizardsNagios XI Understanding And Using DashboardsNagios XI Understanding And Using XI ToolsNagios XI Understanding Email SendingNagios XI Understanding Multi TenancyNagios XI Understanding Notification EscalationsNagios XI Understanding Notification VariablesNagios XI Understanding The User Macros ComponentNagios XI Understanding User MacrosNagios XI Understanding User PermissionsNagios XI Understanding the Nagios XI Directory StructureNagios XI Update Components And WizardsNagios XI Update Default snmptt.conf EVENTNagios XI Upgrading Nagios CoreNagios XI User GuideNagios XI Upgrading The Linux NRPE AgentNagios XI Uploading and Managing MIBSNagios XI Users And ContactsNagios XI Using Auto DiscoveryNagios XI Using DUO Two Factor AuthenticationNagios XI Using Different Notification MethodsNagios XI Using NSClient++ For Passive ChecksNagios XI Using Nagios BPINagios XI Using Nagios XI As A Security Tool Software VersionsNagios XI Using Nagios XI As A Security Tool Website DefacementNagios XI Using Recurring DowntimeNagios XI Using SSL with XI Active DirectoryNagios XI Using Scripts / Plugins With NCPANagios XI Using Scripts / Plugins With NSClient++Nagios XI Using The Config Import Prep ToolNagios XI Using The Core Config Manager For Host ManagementNagios XI Using The Core Config Manager For Service ManagementNagios XI Using The Custom Includes ComponentNagios XI Using The Host And Service Object Notes ComponentNagios XI Using The SNMP Walk WizardNagios XI Using The Traceroute ActionNagios XI Using ViewsNagios XI Using rrdcached with Nagios XINagios XI Using the Negate PluginNagios XI Utilizing Data Visualizations in Systems Management -NWC14Nagios XI Utilizing a RAM Disk in Nagios XINagios XI Virtual Machine NotesNagios XI WatchGuard Wizard UsageNagios XI Web Interface ArchitectureNagios XI What Is A Performance CounterNagios XI Wizards AchitectureNagios XI XI Server ConsiderationsNagios Xi Masquerading As Another UserNetwork Monitoring With NagiosNon Admin Walkthrough of Nagios XIParent/Child Host RelationshipsStarting a Nagios XI TrialTemplate IntroductionThird Party Plugins in Nagios XITwilio SMS IntegrationUnderstanding Hosts and Services in Nagios XIUnderstanding Tools in Nagios XIUsing The Generic Plugin Monitoring Wizard In Nagios XIUsing the Nagios XI World MapViewing Configuration Snapshot differencesWebInject InstructionsWorking with Hosts on the Mobile InterfaceWorking with Services on the Mobile InterfaceXI 5.10.0 and newer Postgress to MySQL ConversionOvercoming lack of VMware SDK with VMware Wizard

Nagios XI - SNMP Trap Tutorial

Overview

This document describes how SNMP Traps work and integrate with Nagios XI.

SNMP means Simple Network Management Protocol. Devices that have SNMP functionality can provide active and passive monitoring.

  • Active = The Nagios XI server initiates the connection to the SNMP enabled device to retrieve information
  • Passive = The SNMP enabled device sends "Traps" to the Nagios XI server

This document is purely focused on SNMP Traps. Traps can be overwhelming to start with and the difficulty starts when you're trying to learn following other guides that aren't specifically about the device you're receiving traps from.

The goal of this tutorial is to provide step by step instructions to allow you to setup an test environment and see first hand how traps work. To make this as simple as possible we will use two Nagios XI servers and a CentOS server:

  • SNMP Sender
    • This server will SEND SNMP Traps to the receiving server. It is monitoring a single CentOS server which you will also be instructed to setup.
    • This is achieved using the "SNMP Trap Sender" component built into Nagios XI
  • SNMP Receiver
    • This server will RECEIVE SNMP Traps from the sending server. Here you will receive status updates of the CentOS server being monitored on the sender server.

After following this document and deploying the test environment you will have a solid understanding of how SNMP Traps work and will be able to easily configure SNMP Traps received from real devices.

NOTE: The SNMP Sender server is purely used to provide the functionality of sending Traps to Nagios XI SNMP Receiving server, specifically for this tutorial. In your real world production environment this could be a UPS, Storage Array or any other SNMP Trap sending device. Just to be really clear, the SNMP Sender server is NOT required in your real world production environment, it is purely used as a training tool in this tutorial.

Target Audience

This document is intended for use by Nagios XI Administrators who wish to learn how SNMP Traps work.

You will need to be able to deploy a test environment using virtual machines (VM's). Using VM's allows us to use pre-installed Nagios XI templates and makes it relatively easy to follow this guide.

The Goal

The following diagram gives an overview of the test environment you will deploy.

Here you can see the SNMP Sender server is monitoring a CentOS server using NRPE using active checks. Whenever a state changes occurs an any check on the SNMP Sender server it will send an SNMP Trap to the SNMP Receiving server.

Below are two screenshots showing what this tutorial will show you how to do. The top screenshot is the SNMP Sender monitoring the CentOS sever and the bottom screenshot is the SNMP Receiving server configured with SNMP Trap services.

Deploy Environment

You need to create three VM's:

  1. CentOS 6.5
    • 10.25.13.10/8
    • A minimal install
    • This will have the NRPE Agent installed on it
  2. Nagios XI SNMP Sender
    • 10.25.5.20/8
    • Use a Nagios XI VM downloaded from the Nagios Website (2014R2.6 +)
  3. Nagios XI SNMP Receiver
    • 10.25.5.30/8
    • Use a Nagios XI VM downloaded from the Nagios Website (2014R2.6 +)

NOTE: These VM's will require Internet access to install certain components. When prompted below you will need to define a valid default gateway and correct DNS servers. For the purposes of this tutorial I will be using a default gateway of 10.24.1.254 and a DNS server of 10.25.2.1.

CentOS 6.5 Installation

These steps were performed using CentOS-6.5-x86_64-bin-DVD1.iso

Boot the CentOS installer ISO

Select Install or upgrade an existing system

You can skip the media test

The GUI installer appears

Click Next

Select your language and click Next

Select your keyboard and click Next

Storage - For the purposes of this guide I am:

Selecting Basic Storage Device and click Next

Storage Device Warning

Tick the box Apply my choice to all devices with undetected partitions or filesystems

Click Yes, discard any data

Hostname

Leave hostname as default

Click Configure Network

Select System eth0

Click Edit

Tick the box Connect automatically

IPv4 Settings tab

Provide the static IP Address parameters (10.25.13.10/8)

Click Apply

Click Close

Click Next

Select your Timezone

Click Next

Provide a root password for this host

Click Next

Which type of install would you like - For the purposes of this guide I am:

Replace Existing Linux System(s)

Click Next

Click Write changes to disk

Select Minimal and click Next

Wait while the installation is performed

When the installation is complete click Reboot

Nagios XI SNMP Sender and Receiver

Deploy the two Nagios XI VM's and power them on

Once they have booted you will need to configure each one with it's static IP Address, follow these steps:

Access the Console of your Nagios XI VM

Username: root

Password: nagiosxi

Type:

system-config-network

Select Device configuration and press Enter

Select the network adapter eth0 and press Enter

Press the down arrow key twice

Press the space bar to disable DHCP

Press the down arrow key once

Type the Static IP Address

SNMP Sender = 10.25.5.20

SNMP Receiver = 10.25.5.30

Press the down arrow key once

Type the Netmask 255.0.0.0

Press the down arrow key once

Type the Default Gateway

Press the down arrow key once

Type the Primary DNS Server

Press the down arrow key twice

Press Enter on the OK button

Press the Tab button once

Press Enter on the Save button

Press the Tab button once

Press Enter on the Save & Quit button

Type:

ifdown eth0

Wait while the command completes

Type:

ifup eth0

Wait while the command completes

Type:

exit

At this point you should open a web browser to the two Nagios XI servers to complete the Nagios XI installation.

Now you have the three servers deployed ready to go. At this point it might be helpful to shut each one down and take a snapshot of it before continuing to allow you to go backwards if you make a mistake.

Install NRPE On The CentOS Server

Now you will install the NRPE agent on the CentOS server so we can monitor this server from our SNMP Sender Nagios XI server.

Establish an SSH session to the CentOS server

Type:

yum -y install wget openssl-devel

Type:

cd /tmp

Type:

wget http://assets.nagios.com/downloads/nagiosxi/agents/linux-nrpe-agent.tar.gz

Wait for the file to download

Type:

tar xzf linux-nrpe-agent.tar.gz

Type:

cd linux-nrpe-agent

Type:

./fullinstall

Type:

y

Wait for the fullinstall command to complete

When prompted, type the IP Address of the Nagios XI SNMP Sender:

10.25.5.20

Type:

exit

The NPRE Client / agent is now installed and listening on port 5666.

Monitor The CentOS Server From The SNMP Sender Nagios XI Server

Now run a Configuration Wizard to monitor the CentOS server.

Open a web page to http://10.25.5.20/nagiosxi

Click the Configure menu heading

Click the link Run the Monitoring Wizard

Click the heading Linux Server

In the IP Address field type:

10.25.13.10

Select the Linux Distribution CentOS

Click Next

In the Host Name field type:

CentOS

Accept all the defaults EXCEPT for:

Users:

Warning Number: 1

Critical Number: 2

Click Next

Click Finish

Wait while the wizard creates the services to monitor the CentOS server

Click the link View status details for CentOS

In a couple of minutes all of these services will appear OK (some might have a warning state like Yum Updates)

Now you are monitoring this CentOS server and you will be using it in testing to trigger SNMP traps.

Install SNMPTT on Nagios XI SNMP Receiver Server

Now you'll install the required components on the Nagios XI SNMP Receiver server so it will accept SNMP Traps.

Establish an SSH session to the Nagios XI SNMP Receiver server

Type:

cd /tmp

Type:

yum -y install wget openssl-devel

Wait for the package to download / update

Type:

wget http://assets.nagios.com/downloads/nagiosxi/scripts/NagiosXI-SNMPTrap-setup.sh

Type

 sh ./NagiosXI-SNMPTrap-setup.sh

Wait while the components are downloaded and installed

Type:

sed -i 's/.*mibs_environment.*/mibs_environment = ALL/g' /etc/snmp/snmptt.ini

Type:

sed -i 's/.*translate_integers.*/translate_integers = 0/g' /etc/snmp/snmptt.ini

Type:

service snmptt restart

Now the Nagios XI SNMP Receiver Server is ready to receive SNMP Traps.

Configure Nagios XI SNMP Sender Server

You have one last step to perform and your environment will be setup and sending SNMP Traps.

Establish an SSH session to the Nagios XI SNMP Sender server

Type:

cd /usr/local/nagiosxi/html/includes/components/snmptrapsender/

Type:

chmod +x install.sh

Type:

./install.sh

Wait while the components are downloaded and installed

Once completed type:

 exit

Open a web page to http://10.25.5.20/nagiosxi

Click the Admin menu heading

Under System Extensions click Manage Components

Scroll down until you find SNMP Trap Sender

Click the Configure icon

Tick the box Enable Integration

Under trap hosts we need to provide the parameters of the SNMP Receiver Server

Host Address: 10.25.5.30

Port: 162

Click the Apply Settings button

You will get the message settings updated

While we are here you should save a copy of the MIBs available on this page as we will use them later on

Right click on NAGIOS-NOTIFY-MIB.txt and select Save Link As

Save the file to your desktop

Repeat for NAGIOS-ROOT-MIB.txt

Test Environment Deployment Complete

You have now completely setup the test environment and from here on the tutorial on SNMP Traps will being. At this point it might be helpful to shut each one down and take a snapshot of it before continuing to allow you to go backwards if you make a mistake.

Tutorial Process

The first part of the tutorial will show you:

  • How traps are received
  • Uploading MIBs
  • Adding A SNMP Trap Service To Nagios XI

At this point you will have a basic understanding of how SNMP Traps are received by Nagios XI.

The second part of the tutorial will go into more detail:

  • Reading MIBs and understanding OID's
  • Creating SNMP Trap Events

At the end of the second part of the tutorial you should have a thorough understanding of how SNMP Traps work and at this point you should be able to determine how to configure SNMP Traps for your own SNMP enabled devices.

Tutorial Part 1

The focus in part one is to show you the working parts without going into too much detail (we'll save that for part two).

Here you will follow these steps to send a test trap to your SNMP Receiving Server. Here's what you'll do:

  • Open the XI Web interface on the SNMP Sending server
  • Observe the current state of the Users service for CentOS
  • Establish an SSH session to the CentOS server
  • Go back to the XI SNMP Sending server
  • Schedule an immediate check of the Users service for CentOS
  • Watch it go into the Warning State
  • Establish an SSH session to the XI SNMP Receiving Server
  • See the SNMP Trap that was logged
  • Upload a MIB file to the SNMP Receiving Server
  • Send another SNMP Trap
  • See the SNMP Trap that was logged
  • Add the SNMP Trap Service To SNMP Receiving Server
  • Send another SNMP Trap
  • See the service status on the SNMP Receiving Server

Observe Users Service

Open a web page to http://10.25.5.20/nagiosxi

In the Search field at the top type:

CentOS

Click the Users service

It should look like the following picture:

SSH To CentOS Server

Establish an SSH session to your CentOS server

Minimize the SSH session as we only need it to establish a user login

Check Users Service To Force An SNMP Trap To Be Sent

Go back to the Nagios XI page with the Users service

Click the Schedule a forced immediate check link

Wait while it executes the check and the screen updates

It will now go into a Warning state and like the following picture:

Confirm SNMP Trap Is Received On SNMP Receiver

Establish an SSH session to your SNMP Receiving server

Type:

 cat /var/log/snmptt/snmpttunknown.log

You will get an output similar to the following picture:

So what you have confirmed here is that the SNMP Receiving server successfully received a trap from the sending server. Right now it is not doing anything as it is going into the snmpttunknown.log file.

The snmpttunknown.log file is where traps go that the SNMPTT service does not know what to do with. The next step will be to upload MIBs.

Leave the SSH session to your SNMP Receiving server open as we will return to it shortly.

Before you continue, exit the SSH session on your CentOS server as this will return the service check back to an OK state.

Upload MIB Files

Remember those two files you saved to your desktop earlier? They were NAGIOS-ROOT-MIB.txt and NAGIOS-NOTIFY-MIB.txt. Now you will upload them to your SNMP Receiving server.

Open a web page to <http://10.25.5.30/nagiosxi>

Click the Admin menu heading

Under System Extensions click Manage MIBs

Click the Browse button

Navigate to your Desktop and double click the file NAGIOS-ROOT-MIB.txt

Leave the Process trap box un-ticked

Click the Upload MIB button

You will get a message New MIB was installed successfully

Click the Browse button

Navigate to your Desktop and double click the file NAGIOS-NOTIFY-MIB.txt

Tick the box Process trap

Click the Upload MIB button

You will get a message saying MIB file successfully processed

Return to your SSH session on your SNMP Receiving server

Type:

service snmptt restart

You will get a message saying the snmptt service stopped and started

Now that you have uploaded the Nagios SNMP MIBs, the Receiving server will now know what to do with the SNMP Traps it will receive.

Force An SNMP Trap To Be Sent

Now you will re-send that same trap again and observe what the SNMP Receiving server did this time.

Establish an SSH session to your CentOS server

Minimize the SSH session as we only need it to establish a user login

Open a web page to http://10.25.5.20/nagiosxi

In the Search field at the top type:

CentOS

Click the Users service

Click the Schedule a forced immediate check link

Wait while it executes the check and the screen updates, it will go into a warning state

Return to your SSH session on your SNMP Receiving server

Type:

cat /var/log/snmptt/snmptt.log

You will get an output similar to the picture below:

So what you have confirmed here is that the SNMP Receiving server successfully received a trap from the sending server AND it is recording it into the snmptt.log file. The snmptt.log file is a record of traps that were successfully processed by the SNMPTT service

Add SNMP Traps Service to SNMP Receiving Server

Now you will log into Nagios XI on the SNMP Receiving server and create the SNMP Trap service.

Open a web page to http://10.25.5.30/nagiosxi

Click the Admin menu heading

Under Monitoring Config click Unconfigured Objects

You should see something similar to the picture below:

In the Actions column click the Play button (Configure)

This opens the Passive Object Monitoring wizard at Step 3 as per the picture below:

Click Next

Click Finish

Wait while the wizard creates the SNMP Traps service

Click the link View status details for snmpsender

You will see a picture similar to below:

NOTE: this will display "No check results for service yet" as you need to send another trap before it gets updated.

Force An SNMP Trap To Be Sent And See Status On SNMP Receiving Server

Now you will re-send that same trap again and observe what the SNMP Receiving server did this time.

Return to your SSH session to your CentOS server

Type

exit

Open a web page to http://10.25.5.20/nagiosxi

In the Search field at the top type:

CentOS

Click the Users service

Click the Schedule a forced immediate check link

Wait while it executes the check and the screen updates, it will go into an OK state

Open a web page to http://10.25.5.30/nagiosxi

In the Search field at the top type:

SNMP Traps

Click the SNMP Traps service

You will see a picture similar to below:

Now you can see the SNMP Traps service on the SNMP Receiving server has updated

There is quite a bit of information there, you will learn in Part 2 of this tutorial on how to optimize this

The key information here is "CentOS Users 0 OK – 0 users currently logged in"

Now SSH back into the CentOS server and force an immediate check on the Users service on the SNMP Sending server

This will enter a WARNING state again and will send another trap. It will look like the picture below:

On the SNMP Receiving server you will see that the SNMP Traps service looks like this:

The key information here is "CentOS Users 1 WARNING – 1 users currently logged in"

However as you can see from the screenshot the actual service STATUS of the SNMP Traps service is "Ok" whereas on the SNMP Sending server it is WARNING. The reason for this is how we configure EVENTS in the SNMPTT service, which will be explained in Part 2 of the tutorial.

Tutorial Part 1 - Summary

The steps you have followed so far have given you a basic example of how SNMP traps are received and processed by Nagios XI. However as you have seen, it looks like there is more information than what is required and also the service state on the receiving server was not updated.

In Part 2 of the tutorial we'll delve into much detail about how this works and by the end you'll be on your way to mastering SNMP Traps.

Tutorial Part 2

This section of the tutorial will have a lot more detail. The basic topics you'll cover are:

  • Showing how the current SNMP Trap Receiving configuration is basic and the limitations that come with this
  • Explaining how to read a MIB and understanding OIDs
  • Explaining how SNMPTT sends traps to Nagios XI
  • Edit the SNMPTT configuration file to create custom EVENTS

What is SNMPTT? SNMP Trap Translator is the program that runs on the SNMP Receiving server. It takes the events from the SNMP Trap Daemon (SNMPTRAPD) service and figures out if it needs to perform an action with them or to ignore them.

SNMP Trap Receiving Configuration

At the end of part one you saw that when a SNMP Trap was received it came with a lot of information AND it did not correctly reflect the state of the service on the sending server. Here are some examples to highlight limitations of our current configuration:

Return to your SSH session to your CentOS server

Type:

service crond stop

Open a web page to http://10.25.5.20/nagiosxi

In the Search field at the top type:

CentOS

Click the Cron Scheduling Daemon service

Click the Schedule a forced immediate check link

Wait while it executes the check and the screen updates, it will go into an CRITICAL state as per the picture below:

Open a web page to http://10.25.5.30/nagiosxi

In the Search field at the top type:

SNMP Traps

Click the SNMP Traps service

On the SNMP Receiving server you will see that the SNMP Traps service looks like the picture below:

Here you can see it has updated the status to reflect the sending server HOWEVER we no longer have any information about the "Users service" which was the previous status

What was just demonstrated is that our current SNMP Trap configuration will only show the status of the last SNMP Trap received. In particular this SNMP Trap service is for ALL SNMP Traps that will come from the sending server (for everything that the sending server server monitors). You can imagine that this isn't exactly helpful.

All of this can be configured to make it more meaningful and useful. So far we have identified the following:

  • A lot more information is being display than what is necessary
  • The service status is not correctly reflected (always showing Ok)
  • All traps are received on just one services

The next step is to learn about SNMP OIDs and MIBs.

OIDs and MIBs

What do these acronyms mean?

  • OID = Object Identifier
    • This string is a series of number numbers separated with periods (.)
  • MIB = Management Information Base
    • This is a text file containing all the information about specific OIDs and how they relate to each other

Here's a picture of that first SNMP Trap you received:

On the first line we have .1.3.6.1.4.1.20006.1.7

This is the OID

  • Think of each number as a branch in a tree. Every time you have a period followed by another number you are creating another branch in the tree
  • Eventually the last number will reference a value that is being sent (you could say it was a leaf)
  • Think of it along the lines of "computer . motherboard . disk drive . file system . folder . file" (this is just a theoretical example)

For every company out there that has an SNMP enabled device, they would have applied to IANA (Internet Assigned Numbers Authority) to obtain their own Private Enterprise Number (PEN). Nagios has the PEN of 20006.

  • So this means that in all of our OIDs, the first series of numbers will always be the same
    • .1.3.6.1.4.1.20006 = Enterprises # 20006 = Nagios
  • If for example you had a Dell device, their PEN is 674, so they would have:
    • .1.3.6.1.4.1.674 = Enterprises # 674 = Dell Inc.

Now every number that follows 20006 will relate to a specific Nagios item. How do you know what each of the numbers mean? This is where a MIB comes into play. We have two MIB files NAGIOS-ROOT-MIB.txt and NAGIOS-NOTIFY-MIB.txt.

Here's a diagram of the two MIB files. Below is an explanation of how this all works:

NAGIOS-ROOT-MIB.txt is the "top level" MIB file which the NOTIFY file relies on, here is an extract from the start of the file:

    NAGIOS-ROOT-MIB DEFINITIONS ::= BEGIN 
    IMPORTS 
     MODULE-IDENTITY,  enterprises 
     FROM SNMPv2-SMI 
     TEXTUAL-CONVENTION 
     FROM SNMPv2-TC; 

    nagios MODULE-IDENTITY 
     LAST-UPDATED "200503090000Z" -- March 9, 2005 
     ORGANIZATION "Nagios" 
     CONTACT-INFO 
       " Blah Blah Blah " 
     DESCRIPTION 
       "Objects for Nagios(tm) NMS" 
     REVISION "200503090000Z" -- March 9, 2005 
     DESCRIPTION 
       "Spell check" 
          REVISION "200501200000Z" --January 20, 2005 
     DESCRIPTION 
       "Initial Version" 
     ::= {enterprises 20006}

What is important here is the MODULE-IDENTITY which is called nagios. This contains all the information about this MIB and it ends with ::= {enterprises 20006}. What this means is that this module follows the enterprise OID (.1.3.6.1.4.1) and is number 20006, hence you end up with .1.3.6.1.4.1.20006.

Now the remaining information you'll need to continue to decipher the OID will be defined in the NAGIOS-NOTIFY-MIB.txt file.

Here is an extract from the start of the NAGIOS-NOTIFY-MIB.txt file:

    NAGIOS-NOTIFY-MIB DEFINITIONS ::= BEGIN 
     IMPORTS 
     MODULE-IDENTITY, OBJECT-TYPE,  NOTIFICATION-TYPE, 
     Integer32 
      FROM SNMPv2-SMI 
     nagios,NotifyType,HostStateID,HostStateType,ServiceStateID 
      FROM NAGIOS-ROOT-MIB; 

    nagiosNotify MODULE-IDENTITY 
     LAST-UPDATED "200503090000Z" -- March 9, 2005 
     ORGANIZATION "Nagios" 
     CONTACT-INFO 
       " Blah Blah Blah " 
     DESCRIPTION 
       " DESCRIBE DESCRIBE DESCRIBE " 
     REVISION "200503090000Z" -- March 9, 2005 
     DESCRIPTION 
        "Spell check" 
     REVISION "200501200000Z" --January 20, 2005 
     DESCRIPTION 
       "Initial Version" 
       ::= { nagios 1 }

First, the IMPORTS section shows that it is importing nagios (PEN 20006) from the MIB file NAGIOS-ROOT-MIB.

Next is the MODULE-IDENTITY which is called nagiosNotify. This contains all the information about this MIB and it ends with ::= {nagios 1}. What this means is that this module follows the nagios OID (.1.3.6.1.4.1.20006) and is number 1, hence you end up with .1.3.6.1.4.1.20006.1.

Going back to our original OID number it is:

.1.3.6.1.4.1.20006.1.7

To find this in the NAGIOS-NOTIFY-MIB.txt file, all you need to do is search for:

::= { nagiosNotify 7 }

Which results in the following:

    nSvcEvent  NOTIFICATION-TYPE 
     OBJECTS { nHostname, nHostStateID, nSvcDesc, nSvcStateID, nSvcAttempt, 
             nSvcDurationSec, nSvcGroupName, nSvcLastCheck, nSvcLastChange, 
             nSvcOutput } 
     STATUS  current 
     DESCRIPTION 
       "The SNMP trap that is generated as a result of an event with the service 
       in Nagios." 
     ::= { nagiosNotify 7 }

What this means is that the OID .1.3.6.1.4.1.20006.1.7 is an SNMP Trap that was generated as a result of a service event in Nagios. This makes sense because:

  • You had a service on the sending server that you forced an immediate check to be scheduled
  • The check triggered a threshold which made it enter a warning state
  • The sending server sent a trap to the receiving server
  • The trap received contained the data

One last thing to point out is that this trap contains OBJECTS. So instead of the trap just being a value like "87" or "NIC DOWN" it contains multiple values such as nHostname, nHostStateID, etc. NOTE: These are the objects that can be sent in the trap, it does not mean ALL these objects will be sent with each trap.

Going back to the original trap, you can see all the different values are OBJECTS in this trap:

How do you know what object relates to what value? The Value 0-10 fields are all the information about the sending server, the device that actually sends the trap. The Ent Value 0-3 fields are the OBJECTS being sent with the trap. Each object is referencing an OID, so you need to refer to the MIB to understand what the OID is (even though you can probably work it out from reading it).

Looking at Ent Value 0:

.1.3.6.1.4.1.20006.1.3.1.2

Refer to the picture below to understand what this OID means:

nSvcHostname

OID = .1.3.6.1.4.1.20006.1.3.1.2

Description = Hostname as specified in the Nagios configuration file.

Value = CentOS

So this is correct the, the trap was related to the CentOS server which had the hostname of CentOS

The other three values are:

nSvcDesc

OID = .1.3.6.1.4.1.20006.1.3.1.6

Description = This value is taken from the description directive of the service definition.

Value = Users

nSvcStateID

OID = .1.3.6.1.4.1.20006.1.3.1.7

Description = A number that corresponds to the current state of the service: 0=OK, 1=WARNING, 2=CRITICAL, 3=UNKNOWN

Value = 1

nSvcOutput

OID = .1.3.6.1.4.1.20006.1.3.1.17

Description = The text output from the last service check (i.e. Ping OK)

Value = USERS WARNING - 1 users currently logged in

What you have learned here is that from just one OID (.1.3.6.1.4.1.20006.1.7) information from any service monitored by the

sending Nagios XI server can be sent through to the receiving server.

That completes the section on OIDs and MIBs.

Sending Traps To Nagios XI

Remember how you uploaded the two MIB files into Nagios XI earlier? When uploading the NAGIOS-NOTIFY-MIB.txt file you selected the box to "Process trap". What this did was:

  • Read through the MIB file and find any SNMP Traps
  • Add these traps to the snmptt configuration file
    • /etc/snmp/snmptt.conf
  • These traps are added as EVENTS to the new file
    • EVENTS tell the SNMPTT service what to do with the SNMPT Trap

Have a look at the EVENTS that were created in the SNMPTT configuration. Primarily there were four EVENTs added to /etc/snmp/snmptt.conf however you are going to focus on services (.1.3.6.1.4.1.20006.1.7), below is the EVENT:

EVENT nSvcEvent .1.3.6.1.4.1.20006.1.7 "Status Events" Normal 
FORMAT The SNMP trap that is generated as a result of an event with the service $* 
EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "$-*" "The SNMP trap that is generated as a result of an event with the service $*" 
SDESC 
The SNMP trap that is generated as a result of an event with the service 
in Nagios. 
Variables: 
  1: nHostname 
  2: nHostStateID 
  3: nSvcDesc 
  4: nSvcStateID 
  5: nSvcAttempt 
  6: nSvcDurationSec 
  7: nSvcGroupName 
  8: nSvcLastCheck 
  9: nSvcLastChange 
  10: nSvcOutput 
EDESC

The first thing to explain is that everything between SDESC and EDESC is purely there as comments. It has no affect whatsoever on the notification to Nagios.

With that being the case, this leaves three lines remaining which are configurable:

EVENT

This line contains the OID which is matched against.

FORMAT

This line is what is logged in any log mechanisms that SNMPTT uses.

EXEC

This line is what sends the trap to Nagios. In this case it executes a python script and it is the python script that actually does the talking to Nagios.

One of the powerful features of SNMPTT is the ability to use variables, this way you can reference different objects in the trap itself. This allows you to make flexible configurations.

The EVENT line is broken up into four arguments separated by spaces:

EVENT nSvcEvent .1.3.6.1.4.1.20006.1.7 "Status Events" Normal

Argument #1 = Unique text label (alias) containing NO spaces

nSvcEvent

Argument #2 = The OID you want to match against

.1.3.6.1.4.1.20006.1.7

Argument #3 = Used when logging output, for your purposes "Status Events" is all that is required

"Status Events"

Argument #4 = Severity. This is used in the output and the logging and is also referenced as a variable ($s).

Normal

The FORMAT line is one long string and can contains variables.

FORMAT The SNMP trap that is generated as a result of an event with the service $*

In this example you can see that $* has been used, this is a variable

$* means it will expand all the variables (OBJECTS) that were sent with the trap

For example you can see in the picture below that it has logged the nSvcHostname, nSvcDescn, nSvcStateID, and nSvcOutput. This give you the string:

The SNMP trap that is generated as a result of an event with the service CentOS Users 1 USERS WARNING - 1 users currently logged in

The EXEC line is the command that will be executed.

SNMPTT is using the script /usr/local/bin/snmptraphandling.py which sends PASSIVE check results to the Nagios command pipe. It requires the following arguments:

<HOST> <SERVICE> <SEVERITY> <TIME> <PERFDATA> <DATA>

<HOST> = The host object in Nagios that this event is for

<SERVICE> = The service object in Nagios this event is for

<SEVERITY> = The state of the object, which can be INFORMATIONAL, NORMAL, SEVERE, MAJOR, CRITICAL, WARNING, MINOR (the script turns these into Nagios status codes 0/1/2/3)

<TIME> = The time which should be recored for the passive check

<PERFDATA> = Any performance data (can be left empty)

<DATA> = The useful status information

NOTE: It's important that each argument is enclosed in "double quotes".

The EXEC line added by default is:

/usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "$-*" "The SNMP trap that is generated as a result of an event with the service $*"

The arguments being sent also include variables which are explained below:

<HOST> = "$r"

"$r" = The hostname of the device that sent the trap to this server

<SERVICE> = "SNMP Traps"

The name of the service we are sending a Passive check for is "SNMP Traps"

<SEVERITY> = "$s"

"$s" = the SEVERITY defined in the EVENT line (in this case it is Normal)

<TIME> = "$@"

"$@" = the EPOCH value of when the trap was received

<PERFDATA> = "$-*"

$-* means it will expand all the variables (OBJECTS) that were sent with the trap in the format of "variable name (variable type):value"

nSvcHostname (OCTETSTR):CentOS nSvcDesc (OCTETSTR):Users nSvcStateID (INTEGER):0 nSvcOutput (OCTETSTR):USERS OK - 0 users currently logged in

<DATA> = "The SNMP trap that is generated as a result of an event with the service $*"

$* means it will expand all the variables (OBJECTS) that were sent with the trap (exactly the same as the FORMAT line)

When you put it all together what is actually being executed by the EXEC line is: (all in a SINGLE line, no line breaks like below)

/usr/local/bin/snmptraphandling.py "snmpsender" "SNMP Traps" "Normal" "1439269658" "nSvcHostname (OCTETSTR):CentOS nSvcDesc (OCTETSTR):Users nSvcStateID (INTEGER):0 nSvcOutput (OCTETSTR):USERS OK - 0 users currently logged in" "The SNMP trap that is generated as a result of an event with the service CentOS Users 1 USERS WARNING - 1 users currently logged in"

When this EXEC statement is executed, Nagios XI will receive it and do one of two things:

IF there is already an "SNMP Traps" service for the host being targeted:

It will update that service and it will NOT log anything in nagios.log (this can be enabled)

IF there is NOT an "SNMP Traps" service for the host being targeted:

The following entries will be logged in nagios.log

[1416634449] Warning: Passive check result was received for service 'SNMP Traps' on host 'snmpsender', but the service could not be found!

[1416634449] Error: External command failed -> PROCESS_SERVICE_CHECK_RESULT;snmpsender;SNMP Traps;0;The SNMP trap that is generated as a result of an event with the service CentOS Users 1 USERS WARNING - 1 users currently logged in / nSvcHostname (OCTETSTR):CentOS nSvcDesc (OCTETSTR):Users nSvcStateID (INTEGER):0 nSvcOutput (OCTETSTR):USERS OK - 0 users currently logged in

[1416634449] External command error: Command failed

The "SNMP Traps" service will appear as an Unconfigured object under Admin > Monitoring Config > Unconfigured Objects

Below is a picture showing an SNMP Trap, the EVENT configuration in SNMPTT and the final result in Nagios XI:

At this point you have been shown how SNMP Traps integrated into Nagios XI. You have also learned what an OID is and how to read a MIB file.

Create Custom Events In SNMPTT

The next step involves modifying the SNMPTT EVENTs to produce more meaningful data to be sent to Nagios XI. The goal here is to do the following:

  • Multiple SNMP Trap services in Nagios XI to reflect each monitored service of the CentOS server
  • Only send important information to Nagios XI (don't cloud the issue with too much information)
  • Service status to be correctly reflected (OK / WARNING / CRITICAL / UNKNOWN)

The following steps will require you to edit the .conf files at the command line on the SNMP Receiving server. You will be instructed to use the command line editor called nano. Before we can use it we need to make sure it is installed:

Establish an SSH session to 10.25.5.30

Type:

yum -y install nano

Wait while nano is installed/updated

Leave the ssh session open as we'll be using it next

Now you will edit the /etc/snmp/snmptt.conf file:

Type:

nano /etc/snmp/snmptt.conf

Use the down arrow key until you reach the section EVENT nSvcEvent .1.3.6.1.4.1.20006.1.7 "Status Events" Normal

Change the FORMAT line so it is as follows:

FORMAT An SNMP trap received from a Nagios XI SERVICE with the details: $*

All that you have done here is to make the message that gets logged to snmptt.log a little more meaningful

Change the EXEC line so it is as follows:

EXEC /usr/local/bin/snmptraphandling.py "$1" "SNMP Trap - $2" "$s" "$@" "" "$4"

Press CTRL + X

Type:

Y

To save the changes

Press Enter to save the changes to the existing file

Type:

service snmptt restart

What does the EXEC line do now? It is using the values of the OBJECTS that exist in the trap. Here are the OBJECTS that exist in the trap:

In the SNMPTT config file, these values can be referenced as:

  • Ent Value 0 = $1
  • Ent Value 1 = $2
  • Ent Value 2 = $3
  • Ent Value 3 = $4

With this in mind, here's the new EXEC line broken down:

EXEC /usr/local/bin/snmptraphandling.py "$1" "SNMP Trap - $2" "$s" "$@" "" "$4"

<HOST> = "$1"

"$1" = CentOS

<SERVICE> = "SNMP Traps - $2"

The name of the service we are sending a Passive check for is "SNMP Traps - Users"

<SEVERITY> = "$s"

"$s" = the SEVERITY defined in the EVENT line (in this case it is Normal)

<TIME> = "$@"

"$@" = the EPOCH value of when the trap was received

<PERFDATA> = ""

NO performance data is being sent so we are providing empty quotes

<DATA> = "$4"

The status data we are sending is "USERS WARNING - 1 users currently logged in"

What you are doing down is sending a Passive check result for the service SNMP Traps - Users for the host CentOS. These will come through as an Unconfigured Object initially because Nagios XI has never received a Passive check result for this host/service.

Now send a trap and see how the service appears as in Nagios XI.

Establish an SSH session to your CentOS server

Minimize the SSH session as we only need it to establish a user login

Open a web page to http://10.25.5.20/nagiosxi

In the Search field at the top type:

CentOS

Click the Users service

Click the Schedule a forced immediate check link

Wait while it executes the check and the screen updates, it will go into a warning state

Open a web page to http://10.25.5.30/nagiosxi

Click the Admin menu heading

Under Monitoring Config click Unconfigured Objects

You should see something similar to the picture below:

To create the SNMP Trap - Users service:

In the Actions column click the Play button (Configure)

This opens the Passive Object Monitoring wizard at Step 3

Click Next

Click Finish

Wait while the wizard creates the SNMP Traps service

Click the link View status details for CentOS

You will see a picture similar to below:

Now you need to send another trap for the service to update, we'll come back to this screen shortly

Return to your SSH session to your CentOS server

Type:

 exit

Return to the SENDING SNMP server and Schedule a forced immediate check for the Users service

Wait while it executes the check and the screen updates, it will go into an OK state

Return to the RECEIVING SNMP server and the SNMP Trap - Users service will now be updated like the picture below:

This reflects exactly what appears on the sending server, nothing new here.

Now test the service going into a WARNING state

Establish an SSH session to your CentOS server

Minimize the SSH session as we only need it to establish a user login

Return to the SENDING SNMP server and Schedule a forced immediate check for the Users service

Wait while it executes the check and the screen updates, it will go into a Warning state

Return to the RECEIVING SNMP server and the SNMP Trap - Users service will now be updated like the picture below:

Now it is correctly reflecting the Warning status. Now let's test Critical.

Establish an ADDITIONAL SSH session to your CentOS server

Minimize the SSH session as we only need it to establish a second user login

Return to the SENDING SNMP server and Schedule a forced immediate check for the Users service

Wait while it executes the check and the screen updates, it will go into a critical state

Return to the RECEIVING SNMP server and the SNMP Trap - Users service will now be updated like the picture below:

Now it is correctly reflecting the Critical status

At this point we have achieved the following:

  • Only send important information to Nagios XI (don't cloud the issue with too much information)
  • Service status to be correctly reflected (OK / WARNING / CRITICAL / UNKNOWN)

HOWEVER we still haven't done this:

  • Multiple SNMP Trap services in Nagios XI to reflect each monitored service of the CentOS server

Throughout this tutorial you have seen that when a trap is received on a Nagios XI server AND it doesn't already exist as a service in Nagios XI, it will appear under the Unconfigured Objects. Once it appears there you can create the Passive service ready to accept new traps.

However they will only appear under Unconfigured Objects when the service changes state. So it might be a while before some are received.

If you wanted to create these services now you could actually go into Core Configuration Manager and make multiple copies of the "SNMP Trap - Users" service and rename each one to reflect the service being monitored on the sending service, like "SNMP Trap - CPU Stats", "SNMP Trap - Yum Updates" etc. We'll not go through those steps here as this is easy to do.

Another way to do this is to disconnect the CentOS server from the network and by doing this all of the services will change their state. In addition to this you will see the host state of the CentOS server change on the SNMP Receiving server (or it?).

Open a console session to your CentOS VM

Login to the console as root

Type:

ifdown eth0

Open a web page to http://10.25.5.20/nagiosxi

In the Search field at the top type:

CentOS

Click the host object CentOS (the word CentOS)

Under Quick Actions click Schedule a forced immediate check

Click the Advanced tab

Under Commands click Schedule immediate check for all services on this host

Click Commit

Click Done

In the Search field at the top type:

CentOS

Here you will see something similar to the picture below:

Now a trap for each of these services has been sent through to the RECEIVING SNMP server

Open a web page to http://10.25.5.30/nagiosxi

Click the Admin menu heading

Under Monitoring Config click Unconfigured Objects

You should see something similar to the picture below:

To create all these SNMP Trap - xxx services:

Tick the box next to CentOS

At the bottom next to With Selected click the Play button (Configure)

This opens the Passive Object Monitoring wizard at Step 3

Click Next

Click Finish

Wait while the wizard creates the SNMP Traps service

Click the link View status details for CentOS

Now you will have all the SNMP Trap - xxx services created

Now you can bring the CentOS server online and all of these services will be updated

Return to the console session to your CentOS VM

Type:

ifup eth0

Open a web page to http://10.25.5.20/nagiosxi

In the Search field at the top type:

CentOS

Click the host object CentOS (the word CentOS)

Under Quick Actions click Schedule a forced immediate check

Wait while it executes the check and the screen updates, it will go into a critical state

Open a web page to http://10.25.5.30/nagiosxi

In the Search field at the top type:

CentOS

Here you will see that the HOST object CentOS is now in a Critcal state and the color is red

Return to the console session to your CentOS VM

Type:

ifup eth0

Within a minute or so the everything should return back to an OK state on the RECEIVING SNMP server. The host object now has a green background, similar to the picture below:

Congratulations, you've now completed the SNMP Trap Tutorial.

SNMP Trap Tutorial - Summary

While the S in SNMP stands for Simple, you've seen how it can be hard to learn SNMP. Hopefully this tutorial has helped break down some of these barriers.

At this point you should have a good understanding of how SNMP Traps are received and handled by Nagios XI.

Armed this this knowledge you will now be able to setup Nagios XI to receive SNMP Traps from various SNMP enabled devices on your network.

Final Thoughts

For any support related questions please visit the Nagios Support Forums at:

Nagios Support Forums

Nagios Enterprises, LLC

© All rights reserved. 2026