Forwarding events from one OpenNMS server to another using SNMPv3

how-to
#1

Here we’ll show how to use scriptd and trapd to forward events from one OpenNMS system to another via SNMPv3. In this specific example, we’ll use the same system to generate and receive events to keep things a little simpler, but it can be easily adapted to work between hosts.

First, configure $OPENNMS_HOME/etc/scriptd-configuration.xml with:

<?xml version="1.0" encoding="UTF-8"?>
<scriptd-configuration xmlns="http://xmlns.opennms.org/xsd/config/scriptd">
  <engine language="beanshell" className="bsh.util.BeanShellBSFEngine" extensions="bsh"/>
  <start-script language="beanshell"><![CDATA[
    log = bsf.lookupBean("log");
    snmpTrapHelper = new org.opennms.netmgt.scriptd.helper.SnmpTrapHelper();
    snmpv3TrapHelper = new org.opennms.netmgt.scriptd.helper.SnmpV3TrapEventForwarder(
          "127.0.0.1", /* ip */
          162, /* port */
          1, /* security level: noAuth,noPriv=1, auth,noPriv=2, auth,priv=3 */
          "opennmsUser", /* security name */
          "0p3nNMSv3", /* auth pass phrase */
          "MD5", /* auth protocol: MD5, SHA */
          "0p3nNmsv3", /* priv pass phrase */
          "DES", /* priv protocol: DES, AES, AES192, AES256 */
          snmpTrapHelper /* helper */
    );
    // Use the default policy rule that forwards all events - we can manage the filtering ourselves in this script
    snmpv3TrapHelper.setEventPolicyRule(new org.opennms.netmgt.scriptd.helper.EventPolicyRuleDefaultImpl());
  ]]></start-script>
  <stop-script language="beanshell"><![CDATA[
    snmpTrapHelper.stop();
  ]]></stop-script>
  <event-script language="beanshell"><![CDATA[
    event = bsf.lookupBean("event");
    if (event != null && !event.getSource().equals("trapd")) {
        log.debug("Forwarding SNMPv3 trap with: {}", snmpv3TrapHelper);
        snmpv3TrapHelper.flushEvent(event);
    }
  ]]></event-script>
</scriptd-configuration>

This script forwards all events which are not sourced directly from traps to 127.0.0.1:162 as an SNMPv3 trap.

Then update the SNMPv3 settings $OPENNMS_HOME/etc/trapd-configuration.xml with:

<trapd-configuration xmlns="http://xmlns.opennms.org/xsd/config/trapd" snmp-trap-address="*" snmp-trap-port="162" new-suspect-on-trap="true" include-raw-message="false" threads="0" queue-size="10000" batch-size="1000" batch-interval="500">
  <snmpv3-user security-name="opennmsUser" auth-passphrase="0p3nNMSv3" auth-protocol="MD5" privacy-passphrase="0p3nNMSv3" privacy-protocol="DES" security-level="1"/>
</trapd-configuration>

The snmpv3-user element is the important line - settings must match those set in the script.

Next, restart OpenNMS and trigger some events.

In the WebUI, we should now see events that look like:

If you don’t see any events verify the following:

  1. There is an existing node with interface 127.0.0.1 in the Default location. If not, you could try enabling new-suspect-on-trap in the trapd configuration.
  2. trapd and scriptd are enabled in etc/service-configuration.xml
  3. trapd is listening on port 162
  4. Check trapd.log and scriptd.log for errors
1 Like