Datastax Opscenter 6.0 不发送 SNMP 陷阱答案

【问题标题】：Datastax Opscenter 6.0 not sending SNMP trapDatastax Opscenter 6.0 不发送 SNMP 陷阱
【发布时间】：2017-04-18 23:57:33
【问题描述】：

我正在使用 datastax opscenter 6.0 进行 DSE Cassandra 监控。已完成配置以发送 SNMP 陷阱，但陷阱接收器（本例中为 HP Openview）未收到此警报。我在 opscenter 日志文件中没有看到任何 SNMP 相关错误。如何追踪确切的错误？

这是我的 snmp.conf 文件：

 [snmp]
 # set to 1 to enable SNMP trap sending
 enabled=1

 # Levels can be a comma-delimited list of any of the following:
 # DEBUG,INFO,WARN,ERROR,CRITICAL,ALERT
 # If the left is empty, OpsCenter will listen for all levels.
 levels=ALERT

 # Comma-delimited list of cluster names for which
 # this alert config will be eligible to run.
 # If left empty, this alert will be called for events on all clusters.
 clusters=

 # SNMP engine ID, specified by rfc3411 and rfc5343.
 # See http://tools.ietf.org/html/rfc3411#section-5
 # SnmpEngineID definition for more information.
 #
 # 32 octet (max length) unique hex engine ID. Must not be all zeroes or all
 # 255's. The first four octets specify the enterprise ID, left filled
 # with zeroes and starting with an 8. The fifth octet specifies a format scheme
 # that specifies the nature of the remaining octets. The remaining octets
 # are given in accordance with the specified format.
 #
 # Format Schemes:
 # 1 -- IPv4 Address scheme
 # 2 -- IPv6 Address scheme
 # 3 -- MAC Address scheme
 # 4 -- Text Address scheme
 # 5 -- Octets scheme
 #
 # Default scheme is octets scheme; if nothing else, you should change
 # 01020304 to a unique octet string.
 #engine_id=80:00:00:00:05:01:02:03:04

 # IPv4 address of the SNMP target.
 target_ip=*.*.*.*         ( commented due to security urpose )

 # Port to direct traps to on the SNMP target.
 target_port=162

 # Set to 1 to use SNMPv3 and the user/privacy key/auth key model. Set to 0 to
 # use SNMPv1/community model.
 use_snmpv3=0

 # SNMPv1/2 community name (for community security model)
 community_name=public

 # SNMPv3 username
 #user=opscusername

 # SNMPv3 authentication protocol
 # Options:
 #   MD5 -- MD5-based authentication protocol
 #   SHA -- SHA-based authentication protocol
 #   NoAuth -- no authentication to use
 #auth_protocol=SHA

 # SNMPv3 authentication key
 #auth_key=authkey1

 # SNMPv3 privacy protocol
 # Options:
 #   DES -- DES-based encryption protocol
 #   AES -- AES128-based encryption protocol (RFC3826)
 #   3DES -- triple DES-based encryption protocol (Extended Security Options)
 #   AES192 -- AES192-based encryption protocol (Extended Security Options)
 #   AES256 -- AES256-based encryption protocol (Extended Security Options)
 #   NoPriv-- no encryption to use
 #privacy_protocol=AES

 # SNMPv3 privacy key
 #privacy_key=privkey1

【问题讨论】：

标签： cassandra snmp datastax-enterprise opscenter snmp-trap

【解决方案1】：

尝试将levels=ALERT 设置为levels= 并确保它不只是过滤您首先要查找的事件（一旦让它按您的意愿工作，可以将其转回，只是更容易查看更多内容）。

可以使用 wireshark 或 tcpdump 来检查是否发送了类似以下内容的陷阱：

tcpdump -i eth1 -T snmp  "(port 161 or 162)"

（注意：eth1 可能需要替换为您的接口名称）。正确设置 SNMP 客户端也可能有点麻烦，因此可以检查它们是否正在发送且未处理与未发送。

【讨论】：

生成了以下跟踪转储 07:57:05.158852 IP ukxxxxx.uk.xxxx-intl.com.58993 > snvxxxx.uk.xxx-intl.com.snmptrap: V2Trap(433) S:1.1 .4.1.0=E:46272.1.0.3 system.sysDescr.0="系统描述" E:46272.1.0.2.1.2=2 :46272.1.0.2.1.3="WARN" :46272.1.0.2.1.4="节点关闭: xx.xx.xx.xx" E:46272.1.0.2.1.5=13 :46272.1.0.2.1.6="FICCBTD1" :46272.1.0.2.1.7="OpsCenter" :46272.1.0.2.1.10="1472194625155000" :46272.1 .0.2.1.11="2016 年 8 月 26 日 06:57:05 GMT" E:46272.1.0.2.1.8="10.60.16.88" E:46272.1.0.2.1.9="无" E:46272.1.0.2.1.12="无" E:46272.1.0.2.1.13="无"
从上面的跟踪转储来看，snmp 陷阱将发送到 HP Openview 陷阱接收器，但 HP Openivew 无法获取它们。已启用增强跟踪，但未从 Opscenter 服务器收到陷阱。