zabbix配置snmp trap--使用snmptrapd和Bash接收器--图文教程
1.前言
我的zabbix的版本是5.0版本,5.0的官方文档没有使用bash接收器的示例,6.0的官方文档有使用bash接收器的示例,但是,下载文件的链接失效?!
这里讲解zabbix-server端配置和zabbix web端配置
2.zabbix-server端配置文件
执行第一步前,不管有没有用都去下载一下这些文件:yum install −y net-snmp-utils net-snmp-perl net-snmp
(1)配置Zabbix启动SNMP trapper并设置存放trap的文件
vim /etc/zabbix/zabbix_server.conf
StartSNMPTrapper=1
SNMPTrapperFile=/var/lib/zabbix/snmptraps/snmptraps.log
注意看下面:
1./var/lib/zabbix/snmptraps/这个路径要存在(也可自己另找路径存储)(没有自己去mkdir一下:mkdir -p /var/lib/zabbix/snmptraps);
2.snmptraps.log这个也要存在(没有自己去创建一个);
3.!!!!!最重要的是:“/var/lib/zabbix/snmptraps/snmptraps.log”要和接下来第二步里面的zabbix_trap_handler.sh里面的“ZABBIX_TRAPS_FILE=“/var/lib/zabbix/snmptraps/snmptraps.log” ”一致!!!!
(2)编辑添加/usr/sbin/zabbix_trap_handler.sh
官网给的这个命令:curl -o /usr/sbin/zabbix_trap_handler.sh https://raw.githubusercontent.com/zabbix/zabbix-docker/6.2/Dockerfiles/snmptraps/alpine/conf/usr/sbin/zabbix_trap_handler.sh–但是看着博客的你多半不行
所以看我这儿操作:vim /usr/sbin/zabbix_trap_handler.sh
把代码复制进去zabbix_trap_handler.sh
ZABBIX_TRAPS_FILE="/var/lib/zabbix/snmptraps/snmptraps.log"
ZBX_SNMP_TRAP_DATE_FORMAT=${ZBX_SNMP_TRAP_DATE_FORMAT:-"+%Y%m%d.%H%M%S"}
ZBX_SNMP_TRAP_FORMAT=${ZBX_SNMP_TRAP_FORMAT:-"\n"}
date=$(date "$ZBX_SNMP_TRAP_DATE_FORMAT")
# The name of the host that sent the notification, as determined by gethostbyaddr(3).
# In fact this line is irrelevant and useless since snmptrapd basically attempts to
# perform reverse name lookup for the transport address (see below).
# In case of failure it will print "<UNKNOWN>"
read host
# The transport address, like "[UDP: [172.16.10.12]:23456->[10.150.0.8]]"
read sender
# The first OID should always be SNMPv2-MIB::sysUpTime.0
#read uptime
# the second should be SNMPv2-MIB::snmpTrapOID.0
#read trapoid
# The remaining lines will contain the payload varbind list. For SNMPv1 traps, the final OID will be SNMPv2-MIB::snmpTrapEnterprise.0.
vars=
while read oid val
do
if [ "$vars" = "" ]
then
vars="$oid = $val"
else
vars="$vars$ZBX_SNMP_TRAP_FORMAT$oid = $val"
fi
if [[ "$oid" =~ snmpTrapAddress\.0 ]] || [[ "$oid" =~ 1\.3\.6\.1\.6\.3\.18\.1\.3\.0 ]]; then
trap_address=$val
fi
done
[[ ${sender} =~ \[(.*?)\].*\-\> ]] && sender_addr=${BASH_REMATCH[1]}
! [ -z $trap_address ] && sender_addr=$trap_address
echo -e "$date ZBXTRAP $sender_addr$ZBX_SNMP_TRAP_FORMAT$sender$ZBX_SNMP_TRAP_FORMAT$vars" >> $ZABBIX_TRAPS_FILE
(3)将以下内容添加到snmtrapd.conf
vim /etc/snmp/snmptrapd.conf
traphandle default /bin/bash /usr/sbin/zabbix_trap_handler.sh
authCommunity log,execute,net public
注意看下面:
1.“authCommunity log,execute,net public”中“public”这里需要替换为你自己的snmp团体字
(4)重新启snmptrapd服务
systemctl restart snmptrapd.service
(5)测试
snmptrap -v 2c -c public 192.168.0.50:162 "" .1.3.6.1.2.1.1.1.0 SysDesc s "test from snmptrap tool"
然后cat /var/lib/zabbix/snmptraps/snmptraps.log,结果如下图所示