Community

Simple trap monitoring thanks to Pandora FMS SNMP alerts

July 29, 2020

Simple trap monitoring thanks to Pandora FMS SNMP alerts

This post is also available in : Spanish

SNMP alerts: what they are and why you should configure them

The SNMP world is becoming more and more important within the monitoring environment, as companies need to find software that has specialized tools for trap monitoring. If you are not familiar with the term SNMP, take a look here.

In this article, we will focus on Pandora FMS SNMP alerts, on how they work and how you can benefit from them.

What are SNMP alerts?

As some of you may already know, Pandora FMS has an alert system based on previously created modules, where different actions can be performed depending on the values that each module collects. We have even gone so far as to talk about more complex alerts derived from the events that are generated within Pandora FMS. Still, let’s take a brief look at the alert concept, focusing a little more on this particular type.

SNMP alert concept

The first big difference between the aforementioned alerts and SNMP alerts is the “arrival” of the data that triggers the alert. While in the first alerts, Pandora FMS is in charge of collecting data through remote or local checks, in this case, it is the device the one that will send Pandora FMS the trap that will trigger one of the configured alerts.

As there are several identifying fields within a trap, SNMP alert configuration is very versatile to be either very restrictive or very general when it comes to detecting the trap that triggers an alert.

Among the different configurable fields of SNMP alerts, it is worth highlighting:

  • Enterprise string
  • Custom OID value
  • Agent (IP)
  • SNMP trap type

Let’s take the case of a restrictive configuration or a very general configuration. For a general configuration, it would be enough to add, for example, an IP of a router from your network. In this case, any trap that arrives from that router will trigger the action that it has configured within the alert.

On the other hand, maybe you want to have an alert that fires in very special cases. To that end, for example, you have to fill in all the fields and set the alert to only fire when it comes from the router with IP XXXX, from OID .1.2.3.4.113.122, which is the type of interrupted linking trap.

What can I do with SNMP alerts?

There is a wide variety of actions that can be performed when Pandora FMS receives a trap, either with default actions or custom commands. Below we will see some examples of common actions in SNMP alerts.

Send an email

A widely used action is to simply send an email to the operator in charge of managing the company’s systems. This email could include specific details of the hardware that triggered the alert and its characteristics, keeping the operators up to date in real time.

Create event

When a trap is received, you can generate an event in Pandora FMS. This event would show which agent (IP) it is and what happened.

Let’s see a practical example. If you had an agent with IP 192.168.70.1, an IP that matches your main router and which is sending traps with its changes, once the trap arrives and matches the configuration of the created SNMP alert, it will create an event with custom data such as: event text, event type, agent, priority or even comments so that the operator of the event view can see the corresponding information.

Custom Commands

Just as there is a wide variety of traps that Pandora FMS can manage, custom measures can be created for each of them.

This configuration is designed to be able to generate multiple very specific SNMP alerts for each trap, hardware or status and to be able to take custom measures for each of the setbacks that may take place in your system.

Let’s look at a particular example of a custom command with specific settings. Suppose your SNMP alert setting is as follows:

  • Enterprise string: .1.3.6.1.4.1.9.9.826.1.21 (Ethernet port)
  • Agent (IP) 192.168.80.21
  • SNMP trap type: Broken link

So, if you get such a trap, what you need is to create a custom command that will get the link itself up, connecting to the router with IP 192.168.80.21 and execute the command: ”snmpset -v1 -c community hostname IF-MIB::ifAdminStatus.interface i 1” to activate it.

What are the advantages of SNMP alerts?

Although monitoring with traps itself is already a great advantage when it comes to talking about SNMP devices, there are many advantages when it comes to having SNMP alerts within the selected monitoring tool.

Control in the same tool

Thanks to the action described previously of creating an event, having all your devices’ traps pointing to Pandora FMS and with the corresponding general settings of SNMP alerts, you may have in a single window the total display of what is happening in all your devices simultaneously.

Simplification

By means of the possibility of sending an email to the tool’s operators, the data obtained through the trap that caused the SNMP alert to be triggered can be simplified. This means that the user who receives the alert does not have to know how to translate the trap OIDs or know the different types of traps that can be generated, since they can receive the email with all the necessary translations and clarifications created in the alert.

Automation

Perhaps the greatest advantage of SNMP alerts, as it can happen with the rest of Pandora FMS alerts, is the automation of actions to be carried out in different cases. As there is no SNMP alert creation limit, and since the trap reception limit is imposed by the hardware in which Pandora FMS is installed, you can cover a very wide range of automatic actions for the different problems that may take place within your monitored systems.

So far we have learned a little more about SNMP alerts in Pandora FMS. Would you like to find out more about what Pandora FMS can offer you? Find out clicking here.

Or if you have to monitor more than 100 devices, you can also enjoy a FREE 30-day Pandora FMS Enterprise TRIAL. Get it here.

Also, remember that if your monitoring needs are more limited, you have Pandora FMS OpenSource version available. Learn more about it here.

Do not hesitate to send us your questions. Pandora FMS team will be happy to help you!


Written by:



Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.