为啥我将所有 snmp 陷阱都作为未知陷阱接收

Posted 2023-02-16

【中文标题】为啥我将所有 snmp 陷阱都作为未知陷阱接收

【英文标题】：Why I get all snmp trap received as unknown traps为什么我将所有 snmp 陷阱都作为未知陷阱接收

【发布时间】：2021-05-04 11:39:07

【问题描述】：

我已经配置了一台 centos 机器 (7.5) 来接收来自 BIG-IP F5 机器的 snmptrap，但我收到的所有 snmptrap 都是未知的。 我的/etc/snmp/snmtrapd.conf：

# Example configuration file for snmptrapd
# No traps are handled by default, you must edit this file!
authCommunity   log,execute cacti2021
#traphandle  default /usr/sbin/snmptt
#traphandle SNMPv2-MIB::coldStart    /usr/bin/bin/snmptt cold
traphandle default /usr/sbin/snmptthandler --ini=/etc/snmp/snmptt.ini
disableAuthorization yes

我下载了所有 F5 MIB 文件并将它们放在 /usr/share/snmp/mibs 中，然后我在目录 /usr/share/snmp/ 中创建了一个 snmp.conf 文件，这是文件 snmp.conf：

# SECTION: Textual mib parsing
#
#   This section controls the textual mib parser.  Textual
#   mibs are parsed in order to convert OIDs, enumerated
#   lists, and ... to and from textual representations
#   and numerical representations.

# mibdirs: Specifies directories to be searched for mibs.
#   Adding a '+' sign to the front of the argument appends the new
#   directory to the list of directories already being searched.
#   arguments: [+]directory[:directory...]

mibdirs  +/usr/share/snmp/mibs
mibdirs  +/usr/share/mibs 
mibdirs  +/usr/share/mibs/other
mibdirs  +/usr/share/mibs/ietf
mibdirs  +/usr/share/mibs/dell
#mibdirs  +/usr/share/mibs/cisco
mibdirs  +/usr/share/mibs/vmware
# mibdirs  +/opt/mx/mibs
# mibdirs    +/usr/share/mibs/cisco

# mibs: Specifies a list of mibs to be searched for and loaded.
#   Adding a '+' sign to the front of the argument appends the new
#   mib name to the list of mibs already being searched for.
#   arguments: [+]mibname[:mibname...]

mibs +ALL

# showmiberrors: Should errors in mibs be displayed when the mibs are loaded
#   arguments: (1|yes|true|0|no|false)

showmiberrors  yes 

# mibwarninglevel: Should warnings about mibs be displayed when the mibs are loaded
#   arguments: 1|2

mibwarninglevel  0

# miballowunderline: Should underlines be allowed in mib symbols (illegal)
#   arguments: (1|yes|true|0|no|false)

miballowunderline  yes

# mibreplacewithlatest: Force replacement of older mibs with known updated ones
#   arguments: (1|yes|true|0|no|false)

mibreplacewithlatest  yes

谁能帮我解决这个问题。

【参考方案1】：

是的，所有陷阱都是未知的，因为您没有定义它们。 使用 snmpttconvertmib 将所需的 MIBS 转换为 snmptt 格式。例如：

snmpttconvertmib --in=/home/username/.snmp/mibs/SomeMibFile.my --out=snmptt.conf.bigipf5 --exec='/bin/bash /usr/local/bin/trap/submit_check_result $r '"TRAP 2" -net_snmp_perl --format=4

然后在snmptt.ini的configs列表中列出该文件：

...
[TrapFiles]
# A list of snmptt.conf files (this is NOT the snmptrapd.conf file).  The COMPLETE path 
# and filename.  Ex: '/etc/snmp/snmptt.conf'
snmptt_conf_files = <<END
/etc/snmp/snmptt.conf.bigipf5
END

然后重新启动 snmptt.service。 现在它会将定义的陷阱视为已知。