SNMP Traps LogSource Configuration

SNMP Traps type LogSource enables LogicMonitor collector to ingest SNMP traps to LogicMonitor logs without configuring alerts.

Requirements

• Collector version EA Collector 34.500 or later. For more information on upgrading collector, see Managing Collectors.
• Access to LogicMonitor UIv4

Configuration Options

The configuration option includes configuration details specific to the SNMP Traps LogSource. For more information on adding a LogSource, see Configuring a LogSource.

Info

Select LM Logs: SNMP Traps from the Type drop-down and provide basic information such as name, group name, description, and technical notes.

Exclude Filters

Traps that match with the exclude filter criteria are not ingested. You can use the following filters to exclude SNMP traps.

Available Parameters

Log Fields

You can configure Log Fields (tags) to add metadata to the log entry.

Available Parameters

Resource Mappings

For resource mapping you can configure LM log key to match a monitored resource’s LM property.

Available Parameters

Example

The following is an example of configuring an SNMP Traps LogSource.

Basic Information

Exclude Filters

Log Fields

Resource Mappings

Processing SNMP Traps using LogSource and EventSource

Collector processes SNMP traps using LogSource or EventSource. At a time, either LogSource or EventSource is used and under any scenario, both cannot be used simultaneously.

• Processing SNMP traps using LogSource–If a collector monitors a device with LogSource applied on it, the collector processes the SNMP traps only from devices on which LogSource is applied. Collector ignores (that is, does not process) traps from devices that do not have LogSource applied on them.
• Processing SNMP traps using EventSource–If LogSource is not applied on all the devices monitored by a collector, but EventSource is applied on them, the collector processes the SNMP traps from devices on which EventSource is applied.

Refer the following scenarios to understand how collector processes SNMP traps. In these scenarios, we have considered 3 devices monitored by the same collector. 

Scenario 1

The collector processes SNMP traps from both Device 1 and Device 3 only using LogSource as there is at least one device with LogSource applied on them.

The SNMP traps from Device 2 are ignored (that is, not processed) as LogSource is not applied on Device 2.

Scenario 2

The collector processes SNMP traps from both Device 1 and Device 2 only using EventSource as none of the devices have LogSource applied on them. The SNMP traps from Device 3 are ignored (that is, not processed) as Device 3 does not have EventSource applied on it.

Translating SNMP Traps using Custom MIBs

Starting with EA Collector 35.400 release, you can use the MIBs to JSON Converter Utility to convert the MIB files to JSON files. In a collector, the utility is located at [LogicMonitor Collector Directory]/bin/snmpMibsToJsonConversionUtil.

This Python-based utility is designed to convert the custom MIBs (which LogicMonitor does not support out-of-the-box) to enterprise JSON files, which the collector then uses to translate the SNMP traps. By default, the enterprise JSON files are placed in the [LogicMonitor Collector Directory]/snmpdb/custom directory. 

Requirements to Use the Utility

• Custom MIB files along with all its dependencies or parent MIB files.
• You must have Python version between 3.8 to 3.12 installed on your machine.
• The utility must be run with the same user which is used for installing the collector.
• Ensure that the definition of a MIB file is not part of multiple input MIB files. If it is, the utility will consider either of such files. For example, for the ABC MIB, there should not be multiple files with the below line
  ABC DEFINITIONS ::= BEGIN
• Install the dependencies of the utility. To do so, go to the utility directory [LogicMonitor Collector Directory]/bin/snmpMibsToJsonConversionUtil/ and run the following command:

pip install -r requirements.txt

How the Utility Generates the JSON Files

1. Run the snmpMibsToJsonConverter.py file provided in the utility directory.
2. Specify the directory path where the custom MIB files are placed.
3. Specify the directory path to generate the converted JSON files. By default, the files are generated in the default directory [LogicMonitor Collector Directory]/snmpdb/custom. However, you can specify a different directory.
4. The utility converts the MIB files and generates the JSON files in the directory that you specified.
5. If the JSON files are generated in a different directory, copy the files to the default directory [LogicMonitor Collector Directory]/snmpdb/custom.
6. When the collector restarts, the collector uses the JSON files to translate the corresponding SNMP traps.

If you have questions or face any issues while using the utility, contact your LogicMonitor Customer Success Manager (CSM).

Troubleshooting Utility Issues

When running the utility, look for the “Failed MIBs:” logs. Any error in the log indicates that the MIB conversion failed along with the reason for failure. In the “Failed MIBs:” logs, you can find the following log messages.

Missing Parent or Dependent MIB

Error

Failed MIBs: ABC (no module "XYZ" in symbolTable at MIB ABC)

The log indicates that conversion failed for the ABC MIB.

Solution

In the directory that you specified, add the “XYZ” MIB along with the other MIBs and run the utility again.

WinError 183

Error

Failed MIBs: ABC (failure writing file inter_json\ABC.json: [WinError 183] Cannot create a file when that file already exists: 'C:\\snmpMibsToJsonConversionUtil\\inter_json\\tmp44ahdl2d' -> 'inter_json\\ABC.json' at MIB ABC)

Solution

This error can occur only for the Windows OS. You can ignore this error, as the MIB is already compiled by the utility.