我正在尝试通过扩展 snmp 来在 NTP 发生故障时生成 DISMAN EVENT。已编写 shell 脚本来扩展 mib。使用 NTPv4-MIBhttps://datatracker.ietf.org/doc/html/rfc5907。在自定义直通脚本中,如果 ntpstat 命令返回 1,我将 NTPv4-MIB::ntpEntStatusCurrentMode 设置为 2。
/etc/snmp/snmpd.conf
pass .1.3.6.1.2.1.197.1 /bin/sh /usr/share/snmp/snmpconf-data/snmpd-data/exampleScriptNtp.sh
monitor -r 60 -u snmpuser -o NTPv4-MIB::ntpEntNotifMessage "System not in sync with NTP" NTPv4-MIB::ntpEntStatusCurrentMode == 2
trap2sink x.x.x.x public
但是当我删除/var/lib/net-snmp/.snmp-exec-cache
文件 traps 时,trapsync 会将其淹没,如下所示。
13:45:14.812399 IP x.x.x.x.47674 > hostname.snmptrap: V2Trap(190) system.sysUpTime.0=12688 S:1.1.4.1.0=88.2.0.1 8" System not in sync with NTP" 88.2.1.2.0="" 88.2.1.3.0="" 88.2.1.4.0=197.1.2.1 88.2.1.5.0=2 197.1.5.1=[noSuchInstance]
13:45:14.816145 IP x.x.x.x.47674 > hostname.snmptrap: V2Trap(190) system.sysUpTime.0=12688 S:1.1.4.1.0=88.2.0.1 8" 88.2.System not in sync with NTP 1.2.0="" 88.2.1.3.0="" 88.2.1.4.0=197.1.2.1 88.2.1.5.0=2 197.1.5.1=[noSuchInstance]
我可以从 snmp 调试日志中看到事件条目已创建。但陷阱并未触发
disman:event:conf: _BSystem not in sync with NTP: Bool (NTPv4-MIB::ntpEntStatusCurrentMode, 2, 2)
trace: build_oid_noalloc(): mib.c, 3896:
build_oid_noalloc: generated: .10.115.110.109.112.100.46.99.111.110.102.83.121.115.116.101.109.32.110.111.116.32.105.110.32.115.121.110.99.32.119.105.116.104.32.78.84.80
trace: mteTrigger_createEntry(): disman/event/mteTrigger.c, 98:
disman:event:table: Create trigger entry (snmpd.conf, System not in sync with NTP)
trace: build_oid_noalloc(): mib.c, 3896:
build_oid_noalloc: generated: .10.115.110.109.112.100.46.99.111.110.102.83.121.115.116.101.109.32.110.111.116.32.105.110.32.115.121.110.99.32.119.105.116.104.32.78.84.80
trace: netsnmp_tdata_add_row(): helpers/table_tdata.c, 264:
tdata_add_row: added row (0x55fc4a3c33a0)
trace: mteTrigger_createEntry(): disman/event/mteTrigger.c, 148:
disman:event:table: Trigger entry created