[clug] pysnmp and decoding SNMP Traps

jeff jeffm at ghostgun.com
Fri Jul 16 00:28:43 MDT 2010 

  On 16/07/10 1:14 PM, Carlo Hamalainen wrote:
>
> It's not immediately obvious to me which bit of output is what... can
> you show the output with this for loop?
Sorry about that. I've been staring at this for so long my eyes just 
automatically pick it out. See the end of this email for dump with labels.

> for oid, val in varBinds:
>       print 'oid:', oid.prettyPrint()
>       print 'val:' val.prettyPrint()
>       print
>
>
> Is this of any use?
> http://code.activestate.com/recipes/137951-dump-all-the-attributes-of-an-object/
Yes, though it has left me with as many questions as I started with. I 
think I've nutted abit of it out by running

% python  -m pdb snmp2zabbix.py

listing until I found a suitable place to break. Inserting a break, via 
the break command and then continuing to that point. I then import 
objdump (the script you pointed to above) and did

(Pdb) objdump.dumpobj(val)

I was using the getComponentByPosition() method as most of the examples 
I'd seen used setComponentByPosition() and this was the logical inverse 
operator. The dump how ever highlight the existence of a getComponent() 
method. I can then work my way done the chain by calling this method and 
end up with

val.getComponent().getComponent().getComponent().prettyPrint()

this seems to work with all the values. Just need to find a way to 
identify val with ObjectIdentifier as oppose to the timeticks, eg

(Pdb) val.getComponent().getComponent().getComponent().subtype()
ObjectIdentifier('1.3.6.1.4.1.42.2.225.1.3.0.1')
(Pdb) val.getComponent().getComponent().getComponent().prettyPrint()
'1.3.6.1.4.1.42.2.225.1.3.0.1'

I suppose using the oid would accomplish this. I'll wrap it all up in a 
try..except so that if this fails it will then generate a different 
alert message telling me I need to debug my code.

For anyone else suffering this problem,

SNMPTRAPOID = "1.3.6.1.6.3.1.1.4.1.0"
....
def process_trap(transportDispatcher, transportDomain, transportAddress, 
wholeMsg):
.....
                for oid, val in varBinds:
                     oidstr = oid.prettyPrint()
                     valstr = 
val.getComponent().getComponent().getComponent().prettyPrint()
                     if oid.prettyPrint() == SNMPTRAPOID:
                         trapoid = valstr
                     else:
                         condenced.append(valstr)
                 print "trap: ", trapoid, "text: ", " ".join(condenced)


produces,

trap:  1.3.6.1.4.1.42.2.225.1.3.0.1 text:  3371926499 
21db5a35-49b3-41ee-e137-ef7f6528b4ff alert.ak.test A test alert has been 
posted. AK-8000-LM alert Minor None.

thanks,

Jeff.

More information about the linux mailing list