May 252015
 

For my current task at work – moving away from CA Spectrum to Zabbix – I’ve had to integrate NMIS with Zabbix for SMS alerting as we wanted all alerts to filter through Zabbix for easy tracking of SMSes, and also for the ServiceNow integration functions that I have built into my Zabbix instance.

To build the integration between NMIS and Zabbix, I had to create a custom script that NMIS would call which would then send an SNMP trap to Zabbix for processing.

On the Zabbix side, I needed to set up snmptt to process the traps so that Zabbix will recognise them as traps and action them as alerts.

The following sections will detail the bits I’ve setup to get this integration working

NMIS Configuration

NMIS Alert Script

This script is what NMIS calls when an alert is generated.

I’ve named this script “snmptrap.pm”, it’s based off the example script in /usr/local/nmis8/lib/Notify on the appliance.
If you name it something different, make sure you update the relevant lines in the script file.

package Notify::snmptrap; ## Update this if you change the name

require 5;

use strict;

use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $VERSION);

use Exporter;
use JSON::XS;
use File::Path;
use Net::SNMP;

$VERSION = 1.00;

@ISA = qw(Exporter);

@EXPORT = qw(
snmptrap ## Update this if you change the name
);

@EXPORT_OK = qw( );

my $dir = "/tmp/customsnmptrap"; ## This is the log directory, and can also be changed

sub sendNotification {
my %arg = @_;
my $contact = $arg{contact};
my $event = $arg{event};
my $message = $arg{message};

my $trapdestination = "10.0.0.5"; ## This should be your Zabbix server IP Address
my $trapcommunity = "public"; # Use your community string here
my $oid = "1.3.6.1.4.1.4818.1"; # I've used the OPMANTEK MIB OID here, but you can use your own if you want

if ( not -d $dir ) {
my $permission = "0770";

my $umask = umask(0);
mkpath($dir,{verbose => 0, mode => oct($permission)});
umask($umask);
}

# add the time now to the event data.
$event->{time} = time;

$event->{email} = $contact->{Email};
$event->{mobile} = $contact->{Mobile};

my ($sess, $err) = Net::SNMP->session(
-hostname => $trapdestination,
-version => 1, #trap() requires v1
-port => 162
);

if (!defined $sess) {
print "Error connecting to target ". $trapdestination . ": ". $err;
next;
}

my @vars = qw();
my $varcounter = 1;

push (@vars, $oid . '.' . $varcounter);
push (@vars, OCTET_STRING);

# This is where you set up the variables for the SNMP Trap message
push (@vars,$event->{level}.' : '.$event->{node}.' : '.$event->{element}.' : '.$event->{event});

my $result = $sess->trap(
-varbindlist => \@vars,
-enterprise => $oid,
-specifictrap => 1,
);

if (! $result)
{
print "An error occurred sending the trap: " . $sess->error();
}

my $fcount = 1;
my $file ="$dir/$event->{startdate}-$fcount.json";
while ( -f $file ) {
++$fcount;
$file ="$dir/$event->{startdate}-$fcount.json";
}

my $mylog;
$mylog->{contact} = $contact;
$mylog->{event} = $event;
$mylog->{message} = $message;

open(LOG,">$file") or logMsg("ERROR, can not write to $file");
print LOG JSON::XS->new->pretty(1)->encode($mylog);
close LOG;
# good to set permissions on file.....
}
1;

NMIS Alert Configuration

Now NMIS needs to be setup to call the new snmptrap.pm script when an alert is generated.
To setup NMIS, you’ll need to locate the escalation that requires the SNMP trap.
Open the escalations table by going to Setup --> Emails, Notifications and Escalation.
In the escalation table, find the alert that you need SNMP traps for, and add this to the escalation level that requires traps –
snmptrap:Contact – Replace Contact with a contact in NMIS.

Zabbix Configuration

Once NMIS has been setup to send traps to the Zabbix server, some configuration needs to be done on the Zabbix side.

SNMPTT Configuration

You’ll need to set up SNMPTT to receive SNMP traps from the OID you’re using in the snmptrap script.
In this example, I’m just going to set up a catchall to catch the SNMP traps, however you can use SNMPTT to parse different traps and generate different alerts.

Create a file in /etc/snmp called snmptt.conf.catch
In that file, put the following lines in
EVENT general .* "SNMP Catchall" Normal
FORMAT ZBXTRAP $aA $ar

You’ll also need to modify /etc/snmp/snmptt.ini to add the newly created file to the snmptt_conf_files configuration variable.
This can be done by appending the path to the list like this –

snmptt_conf_files = <<END
/etc/snmp/snmptt.conf.catch
END

If there are already lines there, then add the line to the block of text right before the last END

Zabbix Item Configuration

I’ve used the basic snmptrap.fallback method to catch all traps, but you can set up specific alerts in SNMPTT to generate different messages.
On the NMIS server, add an item of type SNMP Trap, and with a key of snmptrap.fallback.
This item will now get any SNMP traps from the Server, you can create a trigger if required to alarm on the SNMP traps, or just keep them for history.

Share

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)

This site uses Akismet to reduce spam. Learn how your comment data is processed.