v0.3.2

New Features

• Arguments passed to docker run will be passed to snmptrapd for further customization

v0.3.1

New Features

• Add AES-192 and AES-256 privacy protocols
• Add SHA-224, SHA-256, SHA-384, SHA-512 authentication protocols

v0.3.0

New Features

• New functions OidValueAny, OidValueNumber, and OidValueString. It extracts value by its OID or MIB Name. It's a short version of count(values, .mib_name startsWith "DISMAN-EVENT-MIB::sysUpTimeInstance") > 0 ? filter(values, .mib_name startsWith "DISMAN-EVENT-MIB::sysUpTimeInstance")[0].value : nil

v0.2.1

Bug Fix

• Custom MIBs placed in /etc/trap2json/mibs are not loaded

v0.2.0

Breaking Changes

• Forwarder config value_json_format and value_json_is_flat is removed in favor of more powerful map and MergeMap functions
• source_address field is removed in favor of src_address, src_port, dst_address and dst_port
• agent_address_object_prefix is removed, you can do it directly on json_format

New Features

• Forwarder auto retry with exponential backoff delay
• You can now define queue_size as -1 for unbounded queue
• Change expression evaluation to github.com/antonmedv/expr see the complete language defintion
• Shutdown wait time for each forwarder can be defined. Useful to wait queue to be cleared before exiting.

Improvement

• Malformed json_format or filter expression is now errored at application start

v0.1.4

Bug Fix

• Fix cases where message got corrupted in high burst scenario

v0.1.3

Bug Fix

• filter doesn't work because filter eval is comparing to pointer instead of value

v0.1.2

Bug Fix

• Fix cases where snmptrapd might have newline for long message
• Some value might be empty, introduce null type

Improvement

• Incorporate unit test in ci/cd

v0.1.0

First release!

Trap2JSON

Listens to SNMP Trap, converts it to json, and forwards it to other system.
Internally it uses snmptrapd to listen to incoming trap message, output it
to stdout and parse the messages. If you're familiar with how snmptrapd works,
you can add any configuration supported by snmptrapd.conf. Prior knowledge
for snmptrapd is not required as trap2json can handle common snmptrapd setup.

While this tool can forward snmptrap to many destinations, we treat zabbix
as the first class citizen and the main purpose for creating this tool. You
can use this as a solution for your distributed zabbix setup.

Features

• Parse snmp trap messages to JSON and send to many forwarders
• Supported forwarders
  • File/stdout
  • Kafka
  • MQTT Broker
  • SNMP Trap (like a proxy)
  • Zabbix
• Message filter for each forwarder
  • Decide which messages to drop
• Choose your own JSON schema
• Prometheus exporter
• Queued forwarder
  • If the queue is full for a forwarder, the message is dropped
• Supports trap/inform with version 1/2c/3 in a single endpoint

Installation

The supported way of running Trap2JSON is to use docker.
You can see sample config and its explanations at config.yml

docker run -v config.yml:/etc/trap2json/config.yml -p 162:10162/udp bangunindo/trap2json:latest

The docker image has default MIBs retrieved via snmp-mibs-downloader.
If you have your own MIBs, place it under /etc/trap2json/mibs

docker run -v /path/to/mibs:/etc/trap2json/mibs -v config.yml:/etc/trap2json/config.yml -p 162:10162/udp bangunindo/trap2json:latest

You might also want to adjust the timezone for better data readability

docker run -e TZ=Asia/Jakarta -v config.yml:/etc/trap2json/config.yml -p 162:10162/udp bangunindo/trap2json:latest

Zabbix Forwarder

For zabbix forwarder to work, you need to create an item with Zabbix Trapper type and text/log data type. If you need
to map the agent address to host's interface, consider using the advanced section of zabbix_trapper config in config.yml