On 2015-01-13 17:03, Yamaban wrote:
On Tue, 13 Jan 2015 16:23, Carlos E. R. <robin.listas@...> wrote:
First error here: either you remove the part "${SNMPD_LOGLEVEL:-n}", or edit the config-file where this is defined:
In file "/etc/init.d/snmptrapd" line 26 says: "SNMPD_CONFIG=/etc/sysconfig/net-snmp"
File "/etc/sysconfig/net-snmp": SNMPD_LOGLEVEL="i" (default is "n")
I found out that later, the email illustrates the finding process :-)
[snip]
The log changes:
AmonLanc:~ # l /var/log/net-snmpd.log srwxr-xr-x 1 root root 0 Jan 13 15:57 /var/log/net-snmpd.log= AmonLanc:~ #
The result is that I can not even try to read it:
AmonLanc:~ # less /var/log/net-snmpd.log /var/log/net-snmpd.log is not a regular file (use -f to see it) AmonLanc:~ # less -f /var/log/net-snmpd.log /var/log/net-snmpd.log: No such device or address AmonLanc:~ #
Now, this is just wrong. That should be a plain test file, not a socket. Remove file, create empty file as root, set mode:
No, the "/usr/sbin/snmptrapd" program created the socket (I thought it was a pipe, I'm not familiar with named such), automatically. When I reverted the change to the command call, it went back to a normal file. Why it went to be socket, the manual does not say in the -LF explanation paragraph. Or I did not understand it.
SNMPD_LOGLEVEL="a"
With this you only log the highest level, alert = a = 0 = LOG_ALERT
I found out that later, as my email described. Initially I thought that 'a' stood for "all". Trial and test procedure. Now I have a "7". :-)
Lets look at the full picture:
snmpwalk -v 2c -c public 192.168.1.1
The output will be long, maybe use a redirect into a file, or pipe into a pager.
575 lines.
This gives you a hint (OID) to what to define a trap for. e.g. for my easy.box router a grepped output of above:
Interesting.
The command:
snmptable -v 2c -c public 192.168.1.1 .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable
should (for most routers) give the info above as a table
It does, yes. :-) Much clearer. A partial dump (right side eliminated, to reduce size): SNMP table: IF-MIB::ifTable ifIndex ifDescr ifType ifMtu ifSpeed ifPhysAddress ifAdminStatus ifOperStatus ifLastChange ifInOctets ifInUcastPkts ifInNUcastPkts ... ... 1 lo softwareLoopback 16436 10000000 up up 0:0:00:00.00 11457 39 0 2 ifb0 ethernetCsmacd 1500 100000000 fa:5c:27:a5:9b:96 up up 0:0:00:00.00 2149514530 167200975 0 3 ifb1 ethernetCsmacd 1500 100000000 b2:cf:fd:d9:49:17 up up 0:0:00:00.00 2527931709 170609810 0 4 gre0 ethernetCsmacd 1476 100000000 down down 0:0:00:00.00 0 0 0 5 sit0 ethernetCsmacd 1480 100000000 down down 0:0:00:00.00 0 0 0 6 ip6tnl0 ethernetCsmacd 1460 100000000 down down 0:0:00:00.00 0 0 0 7 eth0 ethernetCsmacd 1500 100000000 f8:1a:67:91:f4:22 up up 0:0:00:00.00 3292715655 173486729 0 8 eth1 ethernetCsmacd 1500 100000000 f8:1a:67:91:f4:23 down down 0:0:00:00.00 0 0 0 9 eth0.2 ethernetCsmacd 1500 100000000 f8:1a:67:91:f4:22 up up 0:0:00:00.00 259769855 159060267 0 10 eth0.3 ethernetCsmacd 1500 100000000 f8:1a:67:91:f4:22 up up 0:0:00:00.00 4010041 57925 0 11 eth0.4 ethernetCsmacd 1500 100000000 f8:1a:67:91:f4:22 up up 0:0:00:00.00 27751566 555019 0 12 eth0.5 ethernetCsmacd 1500 100000000 f8:1a:67:91:f4:22 up up 0:0:00:00.00 3001184338 13813519 0 13 br0 ethernetCsmacd 1500 100000000 f8:1a:67:91:f4:22 up up 0:0:00:00.00 2016987080 166645366 0 14 wifi0 ethernetCsmacd 1500 100000000 f8:1a:67:91:f4:22 up up 0:0:00:00.00 0 166079559 0 15 ath0 ethernetCsmacd 2290 100000000 f8:1a:67:91:f4:22 up up 0:0:00:00.00 3758522139 12232150 0 16 nas0 aal5 1500 0 78:1a:67:91:f4:23 up down 0:0:00:00.00 0 0 0 17 nas0_1 aal5 1500 0 f8:1a:67:91:f4:23 up down 0:0:00:00.00 0 0 0 18 nas1 aal5 1500 0 7a:1a:67:91:f4:23 up down 0:0:00:00.00 0 0 0 19 nas1_1 aal5 1500 0 fa:1a:67:91:f4:23 up down 0:0:00:00.00 2057650864 173525023 0 22 ppp1 ppp 1480 0 up down 0:0:00:00.00 637671953 5584182 0 So perhaps what I have to look for is for the ifInOctets and ifOutOctets columns. Apparently there is a row for each eth interface, the wifi... I suppose one of them would be the adsl pipe. I could interrogate at intervals and calculate traffic. Perhaps the "ppp1" line. Or no, ifOperStatus is down. But the ifInOctets value changes with time.
It's long since I had to use snmp to debug a network (1997), thus the knowlegde of trap design is no longer there. Sorry.
No, you got me forward :-) It may be doable, one day I'm bored or very interested to code it. For now, my curiosity is satisfied. If I were to find an application, ready made, that does it, that would be different. A plugin for gkrellm, perhaps... -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)