-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathsnmptrap.rb
85 lines (70 loc) · 2.32 KB
/
snmptrap.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
require "logstash/outputs/base"
require "logstash/namespace"
class LogStash::Outputs::Snmptrap < LogStash::Outputs::Base
#USAGE:
#output {
# snmptrap {
# codec => ... # codec (optional), default: "line"
# host => ... # string (optional), default: "0.0.0.0"
# port => ... # number (optional), default: "162"
# community => ... # string (optional), default: "public"
# oid => ... # string (required)
# yamlmibdir => ... # string (optional)
# }
#}
config_name "snmptrap"
milestone 1
default :codec, "line"
#address of the host to send the trap/notification to
config :host, :validate => :string, :default => "0.0.0.0"
#the port to send the trap on
config :port, :validate => :number, :default => 162
#the community string to include
config :community, :validate => :string, :default => "public"
#the OID that specifies the event generating the trap message
config :oid, :validate => :string, :required => true
# directory of YAML MIB maps (same format ruby-snmp uses)
config :yamlmibdir, :validate => :string
def initialize(*args)
super(*args)
end
public
def register
require "snmp"
#from snmp trap input plugin, thanks
if @yamlmibdir
@logger.info("checking #{@yamlmibdir} for MIBs")
Dir["#{@yamlmibdir}/*.yaml"].each do |yamlfile|
mib_name = File.basename(yamlfile, ".*")
@yaml_mibs ||= []
@yaml_mibs << mib_name
end
@logger.info("found MIBs: #{@yaml_mibs.join(',')}") if @yaml_mibs
end
@codec.on_event do |event|
#set some variables for the trap sender
trapsender_opts = {:trap_port => @port, :host => @host, :community => @community }
#check for and add user specified mibs
if @yaml_mibs && !@yaml_mibs.empty?
trapsender_opts.merge!({:mib_dir => @yamlmibdir, :mib_modules => @yaml_mibs})
end
#prep and do the full send
SNMP::Manager.open(trapsender_opts) do |snmp|
#set it up and send the whole event using the user specified codec
varbind = SNMP::VarBind.new(@oid, SNMP::OctetString.new(event))
#we dont actually care about the sys_up_time...do we. Also I am re-using the oid that was input.
snmp.trap_v2(12345, @oid, varbind)
end
end
end
public
def receive(event)
return unless output?(event)
if event == LogStash::SHUTDOWN
finished
return
end
@oid = event.sprintf(@oid)
@codec.encode(event)
end
end