Hi team,
I’m trying to monitor 2 services with TRAPS.
Both services are using the same OID:
.1.3.6.1.4.1.6889.2.2.1.2.0.29 => service down
.1.3.6.1.4.1.6889.2.2.1.2.0.30 => service up
To understand which service is down, the argument $5 send the number of service (Integer):
1 => Voicemail
4 => OneX Portal
I don’t know how to use advanced matching rule to output the argument $5 for each service.
I tried that but it’s not working fine:
Thank you for help
+19
Can you enable snmptrad debug and check with argument and value you receive?
I receive this output from trap:
1 07 E8 05 15 10 0B 19 00 S-Edition Primary Select 11.1.3.1.0 build 34 1
1 07 E8 05 15 10 0D 37 00 S-Edition Primary Select 11.1.3.1.0 build 34 4
The last digit is the string that I need to wortk with (1 or 4).
he re is my configuration on advanced matching rules and the debug output:
snmptrapd.log output:##########################################
2024-05-22 18:54:15 - INFO - 5247 - CHLD command launched: 12120
2024-05-22 18:54:15 - INFO - 12120 - Regexp: String:S-Edition Primary Select 11.1.3.1.0 build 34 1 => REGEXP:S-Edition Primary Select 11.1.3.1.0 build 34 1$
2024-05-22 18:54:15 - INFO - 12120 - Status: 2 (2)
2024-05-22 18:54:15 - INFO - 12120 - Severity id: null
2024-05-22 18:54:15 - INFO - 12120 - Severity name: null
2024-05-22 18:54:15 - INFO - 12120 - Severity level: null
2024-05-22 18:54:15 - INFO - 5247 - CHLD command launched: 12121
2024-05-22 18:54:15 - INFO - 12121 - Regexp: String:S-Edition Primary Select 11.1.3.1.0 build 34 1 => REGEXP:S-Edition Primary Select 11.1.3.1.0 build 34 1$
2024-05-22 18:54:15 - INFO - 12121 - Status: 2 (2)
2024-05-22 18:54:15 - INFO - 12121 - Severity id: null
2024-05-22 18:54:15 - INFO - 12121 - Severity name: null
2024-05-22 18:54:15 - INFO - 12121 - Severity level: null
2024-05-22 18:54:15 - INFO - 12120 - SUBMIT: Force service status via passive check update
2024-05-22 18:54:15 - INFO - 12120 - SUBMIT: Launched command: /bin/echo "EXTERNALCMD:1:[1716396855] PROCESS_SERVICE_CHECK_RESULT;IPO;OneX Portal service;2;1" >> /var/lib/centreon/centcore/1716396855-traps
2024-05-22 18:54:15 - INFO - 12121 - SUBMIT: Force service status via passive check update
2024-05-22 18:54:15 - INFO - 12121 - SUBMIT: Launched command: /bin/echo "EXTERNALCMD:1:[1716396855] PROCESS_SERVICE_CHECK_RESULT;IPO;Voicemail service;2;1" >> /var/lib/centreon/centcore/1716396855-traps
2024-05-22 18:54:15 - INFO - 5247 - SIGCHLD received: 12120
2024-05-22 18:54:15 - INFO - 5247 - SIGCHLD received: 12121
2024-05-22 18:56:17 - INFO - 5247 - Unknown trap
2024-05-22 18:56:49 - ERROR - 5247 - MySQL error: MySQL server has gone away (caller: centreon::trapd::lib:/usr/share/perl5/vendor_perl/centreon/trapd/lib.pm:132)
Query: SELECT name, traps_log, traps_execution_command, traps_reschedule_svc_enable, traps_id, traps_args,
traps_oid, traps_name, traps_mode, traps_advanced_treatment, traps_advanced_treatment_default, traps_execution_command_enable, traps_submit_result_enable, traps_status,
traps_timeout, traps_customcode, traps_exec_interval, traps_exec_interval_type,
traps_routing_mode, traps_routing_value, traps_routing_filter_services,
traps_exec_method, traps_downtime, traps_output_transform,
service_categories.level, service_categories.sc_name, service_categories.sc_id
FROM traps
LEFT JOIN traps_vendor ON (traps_vendor.id = traps.manufacturer_id)
LEFT JOIN service_categories ON (service_categories.sc_id = traps.severity_id)
WHERE traps_id IN (721)
2024-05-22 18:56:49 - ERROR - 5247 - Dont skip trap. Need to solve the error.
#############################################################
I don’t know why the trap don’t take care about regexp that I put.
Here is the full output for trap for each service:
1 07 E8 05 15 12 32 35 00 S-Edition Primary Select 11.1.3.1.0 build 34 1 => service 1
1 07 E8 05 15 10 0D 37 00 S-Edition Primary Select 11.1.3.1.0 build 34 4 => service 4
+19
HI,
According to the documentation and your screenshot:
If “Output message = $5”, $5 can contain 1 or 4.
So for the advanced matching rules you should have:
Hi,
I Tried that but doesn’t work because for both services, the string 1 or 4 is present at the begin of the output (argument $1) for alarm severity:
1 for severity (Cleared) and 4 for severity (Major)
1 07 E8 05 15 12 32 35 00 S-Edition Primary Select 11.1.3.1.0 build 34 1
1 07 E8 05 15 10 0D 37 00 S-Edition Primary Select 11.1.3.1.0 build 34 4
4 07 E8 05 15 12 32 35 00 S-Edition Primary Select 11.1.3.1.0 build 34 1
4 07 E8 05 15 10 0D 37 00 S-Edition Primary Select 11.1.3.1.0 build 34 4
So the reult is send for both services always, and that is wrong.
Example 1: I turn on Voicemail service, see below both services are OK
Example 2: I turn off OneX Portal service: see below both services are Critical:
+19
So you can use /^4.*/, this means that the value must start with 4
In my case, here is the condition:
Voicemail service
OneX Portal service
So I will try this regex and give you feedback if it’s work:
@OUTPUT@ /^4.*1$/
@OUTPUT@ /^4.*4$/
@OUTPUT@ /^1.*1$/
@OUTPUT@ /^1.*4$/
It doesn’t work, something is wrong and I don’t found what is it.
The issue is that centreontrapd switch both services by receiving the trap:
##################################################
2024-05-22 20:49:25 - INFO - 21664 - Regexp: String:1 07 E8 05 18 17 10 35 00 S-Edition Primary Select 11.1.3.1.0 build 34 1 => REGEXP:^1.*1$
2024-05-22 20:49:25 - INFO - 21664 - Status: 0 (0)
2024-05-22 20:49:25 - INFO - 21664 - Severity id: null
2024-05-22 20:49:25 - INFO - 21664 - Severity name: null
2024-05-22 20:49:25 - INFO - 21664 - Severity level: null
2024-05-22 20:49:25 - INFO - 21199 - CHLD command launched: 21665
2024-05-22 20:49:25 - INFO - 21665 - Regexp: String:1 07 E8 05 18 17 10 35 00 S-Edition Primary Select 11.1.3.1.0 build 34 1 => REGEXP:^1.*1$
2024-05-22 20:49:25 - INFO - 21665 - Status: 0 (0)
2024-05-22 20:49:25 - INFO - 21665 - Severity id: null
2024-05-22 20:49:25 - INFO - 21665 - Severity name: null
2024-05-22 20:49:25 - INFO - 21665 - Severity level: null
2024-05-22 20:49:25 - INFO - 21665 - SUBMIT: Force service status via passive check update
2024-05-22 20:49:25 - INFO - 21665 - SUBMIT: Launched command: /bin/echo "EXTERNALCMD:1:[1716403765] PROCESS_SERVICE_CHECK_RESULT;IPO;Voicemail service;0;1" >> /var/lib/centreon/centcore/1716403765-traps
2024-05-22 20:49:25 - INFO - 21664 - SUBMIT: Force service status via passive check update
2024-05-22 20:49:25 - INFO - 21664 - SUBMIT: Launched command: /bin/echo "EXTERNALCMD:1:[1716403765] PROCESS_SERVICE_CHECK_RESULT;IPO;OneX Portal service;0;1" >> /var/lib/centreon/centcore/1716403765-traps
#############################################
Both services switcyh to OK, but only service “Voicemail service” must switch to OK
Here is my config:
+19
This is “normal”.
You have 2 matching rules on your trap definition and you link this one to your both service.
Si if a matching rule matches, both service will change in the same time.
You can use Centreon DSM or declare 2 SNMP traps definition with each one 1 matching rule.
Are you sure ? It’s normal to link multiple services to a signgle trap definition with many matchging rules.
I have a working example.
This is the way to configure traps when the constructor provide a unique base OID for multiple alarms.
You cannot create both trap definition with the same OID:
Here is my working example:
For me, the issue come from Centreon, maybe a limitation or a bug ?
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
