Skip to content

Configure SNMP Traps

Video Lecture

Setup SNMP Traps Setup SNMP Traps

Description

Receiving SNMP traps is the opposite of querying SNMP devices.

Information is sent from an SNMP device to an SNMP Trap Daemon, and is collected or "trapped" by Zabbix server or Zabbix proxy.

Zabbix Server or Proxy Configuration

For SNMP Traps to work, you need to configure some settings for either the Zabbix Server or Zabbix Proxy.

Open zabbix_server.conf or zabbix_proxy.conf (if using the Zabbix proxy)

And add/edit,

SNMPTrapperFile=/tmp/zabbix_traps.tmp
StartSNMPTrapper=1

Restart the Zabbix Server/Proxy

sudo service zabbix-proxy restart

Download the Zabbix Trap Receiver

Download zabbix_trap_receiver.pl

sudo wget https://git.zabbix.com/projects/ZBX/repos/zabbix/raw/misc/snmptrap/zabbix_trap_receiver.pl -O /usr/bin/zabbix_trap_receiver.pl

The above command will save it to the /usr/bin/ folder

Now give it execute permissions,

sudo chmod a+x /usr/bin/zabbix_trap_receiver.pl

Install and Configure snmptrapd

snmptrapd is an SNMP application that receives and logs SNMP TRAP and INFORM messages.

Ubuntu, Raspbian, Debian

sudo apt install snmp snmp-mibs-downloader snmptrapd

Centos

yum install -y net-snmp-utils net-snmp-perl net-snmp

Note

On CentOS 8, you may get the error that the perl snmp libs cannot be found. You can download the rpm first from rpm -ivh http://repo.okay.com.mx/centos/8/x86_64/release/okay-release-1-3.el8.noarch.rpm and then try again.

Edit the SNMP Trap daemon configuration,

sudo nano /etc/snmp/snmptrapd.conf

and add the text below, replacing public with your actual SNMP community name if it is not public.

authCommunity execute public
perl do "/usr/bin/zabbix_trap_receiver.pl";

Optionally, you can also enable MIBs descriptions in the SNMP trap messages if you have installed snmp-mibs-downloader from earlier onto the same server where snmptrapd is running.

sudo nano /etc/snmp/snmp.conf

Comment out the line

mibs :

to be

#mibs :

Save, restart and check its status

sudo service snmptrapd restart
sudo service snmptrapd status

Example Configure Traps on Cisco Switch

I demonstrate configuring my Cisco switch to send SNMP traps to the server with snmptrapd listening.

Zabbix proxy is also running on the same server as the SNMP Trapper, and will read updates from the /tmp/zabbix_traps.tmp file and forward them onto the Zabbix server into the SNMP trapper items for the particular host configuration.

The commands below are for my settings. You will need to modify yours depending on the documentation of your SNMP device, and also use the IP address and community of the snmptrapd that you want to send to.

Telnet to SNMP device.

telnet 192.168.1.2

Enter passwords when required.

Switch>enable
Switch#configure terminal
Switch(config)#snmp-server enable traps
Switch(config)#snmp-server host 192.168.1.109 version 2c mycommunity
Switch(config)#exit
Switch#copy run start
Switch#disable
Switch>show snmp
Switch>exit

Troubleshooting

The SNMP device, will send a snmptrap to the IP address configured. That IP should have the snmptrapd process running on it. It will be listening on port 162 by default. The firewall should not be blocking the SNMP device from sending to it on that port on that host. When the snmptrapd process receives a new trap message, it passes it to the zabbix_trap_receiver.pl script, which will reformats it, and save it into the /tmp/zabbix_traps.tmp folder. The Zabbix proxy or server, will then read the updates from that file, and if the IP address or hostname matches a configured host inside Zabbix, then it will by default appear in the hosts snmptrap.fallback item on the Zabbix server.

The host configuration on the Zabbix server should be configured with an SNMP interface and 1 or more snmptrap items.

If your custom MIBs are not working and the snmptrapd is still showing the OID numbers. Place your custom MIB files into one of the MIB search paths. To see the search paths type net-snmp-config --default-mibdirs. Also comment out the mib : line in /etc/snmp/snmp.conf to look like #mib : And then restart snmptrapd.

sudo service snmptrapd restart

If when running zabbix_trap_receiver.pl, you get an error that Perl is not installed,

On Ubuntu

apt-get install perl libxml-simple-perl libsnmp-perl

On CentOS

yum install "perl(SNMP)" "perl(XML::Simple)"

zabbix_trap_receiver.pl

Start with SNMP traps in Zabbix

Cisco IOS SNMP Traps Configuration

Net-SNMP Tutorial -- traps

Comments