SNMP stands for Simple Network Management Protocol, which is a widely used method of sharing information between devices on a network, regardless of differences in device hardware or the software they’re running. The function of SNMP agents can be interrupted when a device’s network card breaks, but the next time the SNMP manager sweeps the network for responses, the emergency condition or event will be detected. This causes the SNMP agents monitoring the devices to stop operating, preventing them from contacting the SNMP manager. Fatal errors, for instance, cause devices to stop functioning. On the other hand, some serious events and conditions may not result in trap messages. For instance, SNMP agents installed on printers can treat a low toner cartridge as a trap condition and will notify the SNMP manager when the printer detects supplies are beginning to run low. Traps are the most convenient way to get notifications regarding network events and can be set for conditions with varying degrees of severity. This makes them valuable-if not necessary-assets for network monitoring. SNMP traps are unique because they’re the only notification method SNMP agents can initiate. These emergency notifications are known as SNMP traps. However, if an agent detects certain emergency conditions or events, it’ll send a warning notification to the manager without a prior request for data. Normal SNMP operations designate that device agents take passive roles, which means they’ll only send SNMP messages if the SNMP manager sends a request.
1.3.6.1.6.3.1.1.5.3.0.33 Normal "General event" localhost - 127.0.0.SNMP traps are the most commonly used kind of SNMP message. snmptt.ini - configure output file and time format:.zabbix_nf - configure Zabbix to start SNMP trapper and set the trap file:.This example uses snmptrapd + SNMPTT to pass traps to Zabbix server. File systemīecause of the trap file implementation, Zabbix needs the file system to support inodes to differentiate files (the information is acquired by a stat() call). The log file must be rotated before reaching this limit. The maximum log file size supported by Zabbix is 2 gigabytes. Note: Starting with Zabbix 2.0.5, user macros and global regular expressions are supported in the parameter of this item key.Ĭatches all SNMP traps from a corresponding address that were not caught by any of the snmptrap items for that interface This item is supported starting from version 2.0.0. This item can be set only for SNMP interfaces. In the Key field use one of the SNMP trap keys: KeyĬatches all SNMP traps from a corresponding address that match the regular expression specified in regexp The address from each received trap is compared to the IP and DNS addresses of all SNMP interfaces to find the corresponding hosts. In Configuration → Hosts, in the Host interface field set an SNMP interface with the correct IP or DNS address. (This is configured by "Log unmatched SNMP traps" in Administration → General → Other.)Ĭonfiguring the following fields in the frontend is specific for this item type: If the trap was not set as the value of any item, Zabbix by default logs the unmatched trap.If no matching item is found and there is an "snmptrap.fallback" item, the trap is set as the value of that. The trap is set as the value of all matched items. For each found item, the trap is compared to regexp in "snmptrap".Note that only the selected "IP" or "DNS" in host interface is used during the matching. For each trap Zabbix finds all "SNMP trapper" items with host interfaces matching the received trap address.Zabbix SNMP trapper reads and parses the trap file.SNMPTT or Perl trap receiver parses, formats and writes the trap to a file.snmptrapd passes the trap to SNMPTT or calls Perl trap receiver.Receiving SNMP traps in Zabbix is designed to work with snmptrapd and one of the built-in mechanisms for passing the traps to Zabbix - either a perl script or SNMPTT. Using traps may detect some short problems that occur amidst the query interval and may be missed by the query data. Usually traps are sent upon some condition change and the agent connects to the server on port 162 (as opposed to port 161 on the agent side that is used for queries). In this case the information is sent from a SNMP-enabled device and is collected or "trapped" by Zabbix. Receiving SNMP traps is the opposite to querying SNMP-enabled devices.