Sending SNMP Traps containing custom data

Matt picture Matt · Jan 7, 2016 · Viewed 11.6k times · Source

A client has requested that instead of email alerts that we send SNMP Traps to their Nagios server instead. The only thing I knew about SNMP before yesterday was that it sounded like an acronym, so please excuse (and correct me on) any misconceptions about it that I may have.

The only information that needs to be sent in the trap pertains to data about the event we are alerting our client about, which is just a couple of values pulled from our database. Needless to say these aren't in any sort of MIB, nor do they have any OIDs, and this is where I'm having trouble finding answers.

I can't figure out how I am meant to add our specific data to the trap without using MIB OIDs, which I don't have.

I'm using PySNMP to generate the request and have only incomplete code right now as I'm not sure how to go about incorporating our data into the packet.

from pysnmp.hlapi import *

def sendSNMP(destination, community_string, data):
    community = CommunityData(community_string, mpModel = 0)
    target = UdpTransportTarget((destination, 162))
    notification_type = None
    req = sendNotification(SnmpEngine(), community, target, ContextData(), 'trap', notification_type)
    errorIndication, errorStatus, errorIndex, varBinds = next(req)

Any assistance is appreciated! Thanks.

Answer

McDowell picture McDowell · Jan 11, 2016

On a purely technical level you could use any OID for any purpose. However, SNMP was designed to be a committee-managed protocol.

If your traps or their varbinds do not conform to standard messages/types your OIDs should begin with 1.3.6.1.4.1.YOUR_ENTERPRISE_NUMBER. If your company or your client do not have a registered Private Enterprise Number (PEN) you can request one from IANA without charge. If someone is managing your PEN you should ask them for an OID for your product domain.

The PEN list is full of individual's email addresses. There is an element of industry-level trust in this system. It is not unusual to work with someone who controls the enterprise number of a competitor. If you assume responsibility for a PEN then you assume the ethical responsibilities that go with it.

You do not have to write or publish MIBs for enterprise ranges though you may want to author them for your client's benefit.

SNMP is an old protocol. The preferred replacement is NETCONF, or so I am told.