Setup SNMP Traps
Receiving SNMP traps is the opposite of querying SNMP devices.
Information is sent from an SNMP device and is collected or "trapped" by Zabbix.
SNMP Traps are sent to the server on port 162 (as opposed to port 161 on the agent side that is used for queries).
So port 162 will need to be allowed on the Zabbix Server or Proxy, which ever will receive the SNMP traps.
Ubuntu, Raspbian, Debian
iptables -A INPUT -p udp --dport 162 -j ACCEPT sudo service iptables restart
firewall-cmd --add-port=162/udp --permanent firewall-cmd --reload
Zabbix Server or Proxy Configuration
For SNMP Traps to work, you need to configure some settings for either the Zabbix Server, or Zabbix Proxy.
Open zabbix_server.conf or zabbix_proxy.conf
Restart the Zabbix Server or Proxy
sudo service zabbix-proxy restart
Download the Zabbix Trap Receiver
sudo wget https://git.zabbix.com/projects/ZBX/repos/zabbix/raw/misc/snmptrap/zabbix_trap_receiver.pl -O /usr/bin/zabbix_trap_receiver.pl
The above command will save it to the /usr/bin/ folder
Now give it execute permissions,
sudo chmod a+x /usr/bin/zabbix_trap_receiver.pl
Install and Configure snmptrapd
snmptrapd is an SNMP application that receives and logs SNMP TRAP and INFORM messages.
Ubuntu, Raspbian, Debian
sudo apt install snmp, snmp-mibs-downloader, snmptrapd
yum install -y net-snmp-utils net-snmp-perl net-snmp
On CentOS 8, you may get the error that the perl snmp libs cannot be found. You can download the rpm first from
rpm -ivh http://repo.okay.com.mx/centos/8/x86_64/release/okay-release-1-3.el8.noarch.rpm and then try again.
Edit its configuration,
sudo nano /etc/snmp/snmptrapd.conf
and add the text below, replacing public with your actual SNMP community name if it is not public.
authCommunity execute public perl do "/usr/bin/zabbix_trap_receiver.pl";
Save, restart and check its status
sudo service snmptrapd restart sudo service snmptrapd status
Test an Example SNMPTRAP
In my examples below, 192.168.1.70 is the ip address of the server with the SNMP Trap Daemon running on it. Any SNMP host that can access this ip address, can send an snmptrap message if it also has snmp installed.
#version 1 snmptrap -v1 -cmycommunity 192.168.1.70 .126.96.36.199.188.8.131.52.5.3 '0.0.0.0' 6 1 '' .184.108.40.206.220.127.116.11.5.3 s "link down example v1" snmptrap -v1 -cmycommunity 192.168.1.70 SNMPv2-MIB::sysLocation.0 '0.0.0.0' 6 17 '' SNMPv2-MIB::sysLocation.0 s "I am here v1" #version 2c snmptrap -v2c -cmycommunity 192.168.1.70 '' .18.104.22.168.22.214.171.124.5.3 .126.96.36.199.188.8.131.52.5.3 s "link down example v2c" snmptrap -v2c -cmycommunity 192.168.1.70 '' SNMPv2-MIB::sysLocation.0 SNMPv2-MIB::sysLocation.0 s "I am here v2c"
Example Configure Traps on Cisco Switch
I demonstrate configuring my Cisco switch to send snmp traps to the server with snmptrapd listening. Zabbix proxy is also running on the same server, and will forward the messages onto the Zabbix server where the host is configured.
The commands below are for my settings. You will need to modify yours depending on the documentation of your SNMP device, and also use the IP address and community of the snmptrapd that you want to send to.
Telnet to SNMP device.
Enter passwords when required.
Switch>enable Switch#configure terminal Switch(config)#snmp-server enable traps Switch(config)#snmp-server host 192.168.1.70 version 2c mycommunity Switch(config)#exit Switch#copy run start Switch#disable Switch>show snmp Switch>exit
The SNMP device, will send a snmptrap to the IP address configured. That IP should have the snmptrapd process running on it. It will be listening on port 162 by default. The firewall should not be blocking the snmp device from sending to it on that port. When the snmptrapd process receives a new trap message, it passes it to the zabbix_trap_receiver.pl script, which will reformat it, and save it into the folder. The zabbix proxy or server, will read it from that folder, and if the ip address or hostname matches a configured host than it will by default appear in the hosts snmp trap fallback item on the Zabbix server.
The host configuration on the Zabbix server should be configured with an SNMP interface and 1 or more snmptrap items.
If your custom mibs are not working and the snmptrapd is still showing the OID numbers. Place your custom mib files into one of the MIB search paths. To see the search paths type
net-snmp-config --default-mibdirs. Also comment out the
mib : line in
/etc/snmp/snmp.conf to look like
And then restart snmptrapd.
sudo service snmptrapd restart
If when running zabbix_trap_receiver.pl, you get an error that perl is not installed,
apt-get install perl libxml-simple-perl libsnmp-perl
yum install "perl(SNMP)" "perl(XML::Simple)"