[clug] pysnmp and decoding SNMP Traps

jeff jeffm at ghostgun.com
Thu Jul 15 20:56:21 MDT 2010 

  One for the python guys on the list who like a challenge.

I'm attempting to decode SNMP v1 Traps received from a piece of 
Sun/Oracle equipment and am struggling to make sense of the varbinds 
field.  The objective is to extract the correct OID and other values to 
generate a nice human readable string to inject into the monitoring system.

For example, in the call back function I have,

def process_trap(transportDispatcher, transportDomain, transportAddress, 
wholeMsg):
...
reqPDU = pMod.apiMessage.getPDU(reqMsg)
...
varBinds = pMod.apiPDU.getVarBindList(reqPDU)

for oid, val in varBinds:
       print oid.prettyPrint(), val.prettyPrint()


which in response to test traps gives,

1.3.6.1.2.1.1.3.0 _BindValue:
  value=ObjectSyntax:
   application-wide=ApplicationSyntax:
    timeticks-value=3370754667

1.3.6.1.6.3.1.1.4.1.0 _BindValue:
  value=ObjectSyntax:
   simple=SimpleSyntax:
    objectID-value=1.3.6.1.4.1.42.2.225.1.3.0.1

1.3.6.1.4.1.42.2.225.1.2.1.2.36.52.98.100.98.101.49.53.57.45.51.55.53.52.45.52.54.57.101.45.102.97.54.56.45.97.100.98.102.50.57.97.53.56.101.51.102 
_BindValue:
  value=ObjectSyntax:
   simple=SimpleSyntax:
    string-value=4bdbe159-3754-469e-fa68-adbf29a58e3f

1.3.6.1.4.1.42.2.225.1.2.1.3.36.52.98.100.98.101.49.53.57.45.51.55.53.52.45.52.54.57.101.45.102.97.54.56.45.97.100.98.102.50.57.97.53.56.101.51.102 
_BindValue:
  value=ObjectSyntax:
   simple=SimpleSyntax:
    string-value=alert.ak.test

1.3.6.1.4.1.42.2.225.1.2.1.4.36.52.98.100.98.101.49.53.57.45.51.55.53.52.45.52.54.57.101.45.102.97.54.56.45.97.100.98.102.50.57.97.53.56.101.51.102 
_BindValue:
  value=ObjectSyntax:
   simple=SimpleSyntax:
    string-value=A test alert has been posted.

1.3.6.1.4.1.42.2.225.1.2.1.6.36.52.98.100.98.101.49.53.57.45.51.55.53.52.45.52.54.57.101.45.102.97.54.56.45.97.100.98.102.50.57.97.53.56.101.51.102 
_BindValue:
  value=ObjectSyntax:
   simple=SimpleSyntax:
    string-value=AK-8000-LM

1.3.6.1.4.1.42.2.225.1.2.1.7.36.52.98.100.98.101.49.53.57.45.51.55.53.52.45.52.54.57.101.45.102.97.54.56.45.97.100.98.102.50.57.97.53.56.101.51.102 
_BindValue:
  value=ObjectSyntax:
   simple=SimpleSyntax:
    string-value=alert

1.3.6.1.4.1.42.2.225.1.2.1.8.36.52.98.100.98.101.49.53.57.45.51.55.53.52.45.52.54.57.101.45.102.97.54.56.45.97.100.98.102.50.57.97.53.56.101.51.102 
_BindValue:
  value=ObjectSyntax:
   simple=SimpleSyntax:
    string-value=Minor

1.3.6.1.4.1.42.2.225.1.2.1.9.36.52.98.100.98.101.49.53.57.45.51.55.53.52.45.52.54.57.101.45.102.97.54.56.45.97.100.98.102.50.57.97.53.56.101.51.102 
_BindValue:
  value=ObjectSyntax:
   simple=SimpleSyntax:
    string-value=None.

I'd like to turn this into

("1.3.6.1.4.1.42.2.225.1.3.0.1", "alert.ak.test alert Minor")

Anyone know what the correct function(s) to call to extact the values 
and the types? I've tried looking at the code  for pysnmp, but it seems 
to be mostly a chain of inheritance and the web searches I attempted 
didn't turn up anything useful.

Jeff.

More information about the linux mailing list