2012년 12월 26일 수요일

Nagios SNMP Trap: part 1 - SNMPTT installation

This post is going to be separated into two parts. The first part is describing to install Nagios core, plugins and SNMPTT(SNMP Trap Translator), and the second part is going to be posted about registering SNMP evethandler to make Nagios aware these messages, converting MIB files and integrating MySQL database to store messages.

SNMPTT is module to handle snmp trap message and written in perl. The follow describes how it works:

[Figure] SNMPTT Flows (http://snmptt.sourceforge.net/about.shtml)

Install Nagios core
# pre-requisite 
$ yum install -y wget httpd php gcc glibc glibc-common gd gd-devel make net-snmp*

# main module download 
$ mkdir /downloads
$ cd /downloads
$ wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-3.4.1.tar.gz
$ tar -xzvf ./nagios-3.4.1.tar.gz

# Adding the Nagios User and Group
$ useradd nagios
$ groupadd nagios
$ usermod -a -G nagcmd nagios

$ cd ./nagios
$ ./configure --with-command-group=nagios
*** Configuration summary for nagios 3.4.1 05-11-2012 ***:
....
General Options:
-------------------------
        Nagios executable:  nagios
        Nagios user/group:  nagios,nagios
       Command user/group:  nagios,nagios
            Embedded Perl:  no
             Event Broker:  yes
        Install ${prefix}:  /usr/local/nagios
                Lock file:  ${prefix}/var/nagios.lock
   Check result directory:  ${prefix}/var/spool/checkresults
           Init directory:  /etc/rc.d/init.d
  Apache conf.d directory:  /etc/httpd/conf.d
             Mail program:  /bin/mail
                  Host OS:  linux-gnu

Web Interface Options:
------------------------
                 HTML URL:  http://localhost/nagios/
                  CGI URL:  http://localhost/nagios/cgi-bin/
Traceroute (used by WAP):

Review the options above for accuracy.  If they look okay,
type 'make all' to compile the main program and CGIs.

# Install main program
$ make all
$ make install 

# Makes auto start script
$ make install-init  

# Make config files 
$ make install-config

# install external command file
$ make install-commandmode

# Configure nagios web and connect to apache 
$ make install-webconf

# Create an user of WebUI
$ htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
New password:
Re-type new password:
Adding password for user nagiosadmin

Install Nagios plugins

# Download plugins and install.
$ wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.16.tar.gz
$ tar -xzvf nagios-plugins-1.4.16.tar.gz
$ cd nagios-plugins-1.4.16
$ ./configure --with-nagios-user=nagios --with-nagios-group=nagios
$ make
$ make install
[....]
check_http.c:312: error: ‘ssl_version’ undeclared (first use in this function)
check_http.c:312: error: (Each undeclared identifier is reported only once
check_http.c:312: error: for each function it appears in.)
make[1]: *** [check_http.o] Error 1
make[1]: Leaving directory `/downloads/nagios-plugins-1.4.16/plugins'
make: *** [install-recursive] Error 1

# Need to install openssl module
$ yum install openssl-devel
$ make clean
$ ./configure --with-nagios-user=nagios --with-nagios-group=nagios
$ make
$ make install

# Registering these as AutoStart
$ chkconfig nagios on
$ chkconfig httpd on


SNMPTT (SNMP Trap Translator) installation
# download  snmptt_1.3.tgz from http://sourceforge.net/projects/snmptt/
$ snmptt_1.3.tgz
$ tar -xzvf ./snmptt_1.3.tgz
$ cd snmptt_1.3

# Copy snmptt to /usr/sbin/ and ensure it is executable (chmod +x snmptt)
$ cp ./snmptt /usr/sbin/
$ chmod a+x /usr/sbin/snmptt

# Copy snmptthandler to /usr/sbin/ and ensure it is executable (chmod +x snmptthandler)
$ cp ./snmptthandler /usr/sbin/
$ chmod a+x /usr/sbin/snmptthandler 

# Copy snmpttconvert to /usr/sbin/ and ensure it is executable (chmod +x snmptthandler)
$ cp ./snmpttconvert /usr/sbin/
$ chmod a+x /usr/sbin/snmpttconvert 

# Copy snmpttconvertmib to /usr/sbin/ and ensure it is executable (chmod +x snmptthandler)
$ cp ./snmpttconvertmib /usr/sbin/
$ chmod a+x /usr/sbin/snmpttconvertmib

# Copy snmptthandler to /usr/sbin/ and ensure it is executable (chmod +x snmptthandler)
$ cp ./snmptthandler /usr/sbin/
$ chmod a+x /usr/sbin/snmptthandler 

# Copy snmptt.ini to /etc/snmp/ or /etc/ and edit the options inside the file.
$ cp ./snmptt.ini /etc/snmp/

# Copy snmptt.ini to /etc/snmp/ or /etc/ and edit the options inside the file.
$ mkdir /var/log/snmptt

# Modify the Net-SNMP snmptrapd.conf file by adding the following line:
$ vi /etc/snmp/snmptrapd.conf
traphandle default /usr/sbin/snmptthandler

# Create the spool folder
$ mkdir /var/spool/snmptt/

# Copy the script to the init.d directory
$ cp snmptt.init.d /etc/rc.d/init.d/snmptt

Here, SNMPTT uses some perl modules (CPAN: Comprehensive Perl Archive Network - http://www.cpan.org/misc/cpan-faq.html ) and perl CPAN not installed by default on CentOS 6.

Notice: Perl modules may be installed via YUM, but some of them are not included in YUM or needed higher version number than dependencies files in YUM
$ yum install net-snmp-perl, perl-CPAN

This step is to install Config::InitFiles and List::MoreUtils, I downloaded needed files in advance, because I cannot connected to internet.
# (1) Download ftp://ftp.perl.org/pub/CPAN/authors/01mailrc.txt.gz and copy to 
/root/.cpan/sources/authors/
# (2) Download ftp://ftp.perl.org/pub/CPAN/modules/02packages.details.txt.gz and copy to 
/root/.cpan/sources/modules/
# (3) Download ftp://ftp.perl.org/pub/CPAN/modules/03modlist.data.gz and copy to 
/root/.cpan/sources/modules/
# (4) Download ftp://ftp.perl.org/pub/CPAN/authors/id/A/AD/ADAMK/List-MoreUtils-0.33.tar.gz, ftp://ftp.perl.org/pub/CPAN/authors/id/A/AD/ADAMK/CHECKSUMS and copy to 
/root/.cpan/sources/authors/id/A/AD/ADAMK/
# (5) Download ftp://ftp.perl.org/pub/CPAN/authors/id/S/SH/SHLOMIF/Config-IniFiles-2.78.tar.gz, ftp://ftp.perl.org/pub/CPAN/authors/id/S/SH/SHLOMIF/CHECKSUMS and copy to 
/root/.cpan/sources/authors/id/S/SH/SHLOMIF/
# (6) Download ftp://ftp.perl.org.pub.CPAN/authors/id/M/MS/MSCHWERN/CHECKSUMS/Test-Simple-0.98.tar.gz, ftp://ftp.perl.org.pub.CPAN/authors/id/M/MS/MSCHWERN/CHECKSUMS
/root/.cpan/sources/authors/id/M/MS/MSCHWERN/

$ perl -MCPAN -e 'install List::MoreUtils'

$ perl -MCPAN -e 'install Config::InitFiles'

# If you have en error "Can't locate Module/Build/Compat.pm in @INC contain...", you should install the following module to solve dependencies.  
$ yum install perl-Moudle-Build


Put it simply, the connection between Nagios and snmptt is as follows:


As can see how it works from the above image. When the server triggers trap messages, snmptrapd is the first to handle them on monitoring server. Look at the following script. It defines that handling of trap is delegating to snmptt in the configuration.
$ vi /etc/snmp/snmptrapd.conf
...
traphandle default /usr/sbin/snmptt
...


$ vi /etc/rc.d/init.d/snmptrapd
....
OPTIONS="-On -Lsd -p /var/run/snmptrapd.pid"
....
Next, snmptt makes decision whether the trap message is known or unknown based on predefined trapfiles:
$ vi /etc/snmp/snmptt.ini
...
[TRAPFILES]
snmptt_conf_files = <<END
/etc/snmp/snmptt.conf.cisco
/etc/snmp/snmptt.conf.emc
END
...

The first part is finished at here. I originally decided not to divide, but I realized this would be long one for one blog. I'll post the second part of this as soon as possible.

Here's the link about part 2: http://hyper-choi.blogspot.kr/2013/01/nagios-snmp-trap-part-2-configuration.html


References:
1. Installation manual: http://assets.nagios.com/downloads/nagioscore/docs/Installing_Nagios_Core_From_Source.pdf
2. http://www.thesysadminhimself.com/2012/09/compiling-nagios-plugins-1416-throws.html
3. http://www.linuxquestions.org/questions/linux-newbie-8/nagios-internal-server-error-903798/
4. http://www.linuxquestions.org/questions/linux-software-2/snmp-monitoring-with-nagios-645270/
5. http://it.bogema.nl/tag/centos-6-2/
6. http://askaralikhan.blogspot.kr/2010/12/receiving-snmp-traps-in-nagios.html

댓글 6개:

  1. Thanks! Really useful.
    Most difficult bit is figuring out which of these buttons is 'submit comment'

    답글삭제
  2. can you check SNMPTT (SNMP Trap Translator) installation process. I think you typed double about snmptthandler.

    Another think is
    # Copy the script to the init.d directory
    $ cp snmptt.init.d /etc/rc.d/init.d/snmptt
    I think snmptt-init.d because i can't find snmptt.ini.d inside the directory that we extract.

    답글삭제
  3. this is by far the most comprehensive document I have seen on this topic. Really nice work ! Thank you.

    답글삭제
  4. 404 error downloading files:

    # (5) Download ftp://ftp.perl.org/pub/CPAN/authors/id/S/SH/SHLOMIF/Config-IniFiles-2.78.tar.gz, ftp://ftp.perl.org/pub/CPAN/authors/id/S/SH/SHLOMIF/CHECKSUMS and copy to
    /root/.cpan/sources/authors/id/S/SH/SHLOMIF/
    # (6) Download ftp://ftp.perl.org.pub.CPAN/authors/id/M/MS/MSCHWERN/CHECKSUMS/Test-Simple-0.98.tar.gz, ftp://ftp.perl.org.pub.CPAN/authors/id/M/MS/MSCHWERN/CHECKSUMS
    /root/.cpan/sources/authors/id/M/MS/MSCHWERN/

    please help!

    답글삭제
  5. Hi, Jose,

    1) Config-IniFiles seems to be upgraded, please download from ftp://ftp.perl.org/pub/CPAN/authors/id/S/SH/SHLOMIF/Config-IniFiles-2.83.tar.gz
    2) Wrong links, Changed to download from ftp://ftp.perl.org/pub/CPAN/authors/id/M/MS/MSCHWERN/Test-Simple-0.98.tar.gz and ftp://ftp.perl.org/pub/CPAN/authors/id/M/MS/MSCHWERN/CHECKSUMS

    Regards,
    Yeonki.

    답글삭제
  6. Thank you!
    I'll apreciate your help, This guide its really useful :)

    답글삭제