There are two ways to check the RipEX stations. You can actively query the station in the defined time intervals or you can just wait for the trap to be received.
If you have a defined item which is updated e.g. every 10 seconds. Zabbix requests a reply to the SNMP GET message for the specific OID object and it stores this value in the database at 10 second intervals.
A trigger can also be configured for each item. For instance, temperature threshold alarm is set to 50°C. Whenever Zabbix receives an SNMP RESPONSE message from any monitored host with temperature higher than 50°C, an alarm is triggered. If the alarm is triggered, it is displayed at the Zabbix Dashboard. The Alarm will be visible in the “Last 20 issues” table and you will see which host is having an issue in the “Host status” table.
When the temperature falls back into the allowed range, the issue will be deleted from the Zabbix dashboard.
The key aspect of the SNMP are the TRAPS/INFORMS. These OID objects are not actively monitored by the Zabbix manager but by the RipEX itself. This behaviour is described in the on-line help on RipEX web Settings page or in the User manual.
This, unfortunately, is a somewhat complex procedure. There are several ways to configure traps – only one of them will be explained in this guide.
Other approaches could be using SNMPTT functionality or Perl scripts.
The following section will explain the SNMPv2c Traps only. The SNMPv3 or SNMP Informs differencies and requirements are explained at the end of this section.
You have to install an snmptrapd, a daemon which receives SNMP traps and pass them into the Zabbix front-end. Keep in mind to start it automatically after the system start, e.g. via the command:
# systemctl enable snmptrapd
Zabbix server must be configured to start the SNMP Trapper
process. Enable it in the
Define the LOG file as well.
Save the changes and create the file manually using the following command:
$ touch /var/log/snmptrap/snmptrap-zabbix.log
Restart the Zabbix server daemon.
You can use the script (snmptrap.sh) which
is included in the RipEX_Zabbix_templ.zip file downloadable from
website. Copy the script file into
/usr/lib/zabbix/externalscripts/ directory and change the
file privileges and make it executable.
# mkdir -p /usr/lib/zabbix/externalscripts; chown zabbix /home/zabbix # cp misc/snmptrap/snmptrapd.sh /home/zabbix/bin # chmod +x /usr/lib/zabbix/externalscripts/snmptrapd.sh
After that, you need to edit the file. By executing
$ which zabbix_sender
you will find the full path to this executable binary file. Change the path in the file, e.g.
The script parses the output of each received SNMP trap, selects the appropriate host and declares an associative array containing trap descriptions. Eventually, it sends the whole message to your Zabbix server.
You should also check the LOG destination, which should be:
/var/log/snmptrap/snmptrap-bash.log. Create the directory
if not already created and edit this in the
The log file could also be located in
For a correct snmptrap.sh script functionality, RipEX MIB must
be configured in the Zabbix server. First, copy the MIB file
RACOM-RipEX-<version>.mib to your MIB directory (on
CentOS7, it is
/usr/share/snmp/mibs/). Afterwards, you
need to edit the SNMP configuration file
/etc/snmp/snmp.conf) with a text editor (e.g.
# vim /etc/snmp/snmp.conf
Add the RipEX MIB via the following line and save the changes.
Reboot the Zabbix server. The RipEX OIDs, Value mapping etc. should now be correctly translated and understood.
Now we have our script prepared, let’s configure the Zabbix front-end:
If you have not yet done so, import the RipEX templates. One application is called TRAPS and it consists of all traps. Link the templates to desired hosts.
If Zabbix receives a trap for an unknown host it will not be displayed.
The host MUST be configured using the IP address as the Host name, e.g.:
192.168.10.1, port 161, IP
Along with this template, 15 new items and triggers appear at each used host. That is exactly the number of SNMP traps defined at the RipEX. Each trap should be recognized and the Zabbix should display the correct information message at the dashboard.
RipEX sends a trap whenever the watched value is out of range (or other configured condition is met) and whenever the value falls back within the corresponding range.
Every trap has two states in Zabbix. Each trap can either be in the alarm state or in the OK state.
RSS and DQ trap items are disabled in the template by default. The reason is that we need to define remote RipEX IP addresses first. See the following example for enabling a DQ trap:
Go to the Zabbix web front-end and select a RipEX host for which you want to process DQ traps. Click on the Items button and find an item with the following key: trpDqX.Y.Z.W.
Click on the item and then click on the Clone button. Now you can edit the item. Replace the “X.Y.Z.W” string in the item Name with the remote RipEX radio IP address (e.g. 192.168.131.55). Do the same in the Key field and select the Enabled option in the Status field. See the following example:
Save the changes and open the host Triggers list. Repeat the above steps for the DQ trigger and save the changes. You should see the trigger with the enabled status.
Follow the same procedure (DQ and RSS) for other remote RipEX units as needed.
You can also define Zabbix to send you an e-mail whenever any trap is triggered. See the Zabbix Documentation or Section Chapter 7, Zabbix Alerting via e-mail of this Application not for the e-mail configuration.
Please, find the file snmptrapd.conf usually it’s in the
/etc/snmp/ directory. Edit or create the file as root
with the following lines:
authCommunity execute public authCommunity execute PUBLIC traphandle default /usr/lib/zabbix/externalscripts/snmptrap.sh
The first two lines will allow all received traps with community public or PUBLIC to be parsed and the third line will force the snmptrapd to use our script.
If you do not know what community names you will receive, add the following line to accept all community names. Note that you should not define this line for security reasons.
Do not forget to restart snmptrapd. You should have similar snmptrapd parameters in the /etc/sysconfig/ snmptrapd file:
OPTIONS="-Lsd -p /var/run/snmptrapd.pid -On"
This ensures that snmptrapd daemon will not translate the numerical OID numbers which is important for our script to run properly.
If you install Zabbix on the CentOS distribution, do not forget to enable snmptrapd within SELinux security rules.
SELinux is an important security part of CentOS. Running all the functionality of Zabbix will require configuring these rules. If you do not understand it, consult the required changes with our technical support. More details about SELinux can be also found in this Application note, Chapter 2.8)
RipEX default Community string name is “public”, however it can be changed (since firmware release 1.3). All RipEX stations within the network must have the same Community string. Otherwise disableAuthorization has to be set to “yes” (or set authCommunity variables for all allowed Community string names).
Now, the system is ready to receive SNMPv2c traps and informs (see the previous section). If you configure SNMPv3 in the network, several additional steps are required.
Snmptrapd deamon needs to decrypt the incoming traps/informs. To
successfully authenticate itself and decrypt the message, correct
Users with correct secrets must be configured in the
In this file, you already have the similar lines:
authCommunity log,execute public authCommunity log,execute PUBLIC traphandle default /bin/bash /usr/lib/zabbix/externalscripts/snmptrap.sh
For SNMPv3 Inform (not traps), you need to create the user
createUser command. Stop the snmptrapd daemon:
# systemctl stop snmptrapd
Now, edit the
/etc/snmp/snmptrapd.conf file and add
createUser racom MD5 "racom1234" DES "racom5678"
This command should add the User “racom” with MD5 and DES secrets. Save the changes and run the snmptrapd daemon.
# systemctl start snmptrapd
Check if the addition was successful via
# cat /var/lib/net-snmp/snmptrapd.conf
You should see a line similar to the following one:
usmUser 1 3 0x80001f8880a9b9e400d6e8655900000000 "racom" "racom" NULL .184.108.40.206.220.127.116.11.1.3 0x40d2c90a2f4ee04dd30eb4e207a1e4ab507ce8d1 .18.104.22.168.22.214.171.124.2.2 0x40d2c90a2f4ee04dd30eb4e207a1e4ab ""
Now, the SNMPv3 informs can be successfully received and used.
SNMPv3 Traps need a bit different command. Everything is the
same, but the EngineID must be configured. In the RipEX web interface,
create the unique EngineID within SNMP configuration page. This value
is static and unique. For each RipEX unit, you need to create a
separate User in the snmptrap configuration file. Stop the snmptrapd
daemon again and add a similar line in the
createUser -e 0000831304199430ac1077ab racom MD5 "racom1234" DES "racom5678"
This creates a “racom” user the same way as for the Informs, but the EngineID 0000831304199430ac1077ab is fixed and must correspond to that created in the RipEX web interface.
Start the deamon and check the procedure:
# cat /var/lib/net-snmp/snmptrapd.conf
usmUser 1 3 0x0000831304199430ac1077ab "racom" "racom" NULL .126.96.36.199.188.8.131.52.1.2 0xfcddda2e844853de23eb838d96e985d9 .184.108.40.206.220.127.116.11.2.4 0xfcddda2e844853de23eb838d96e985d9 ""
A similar line should be there – check the EngineID parameter. If succesful, Informs and Traps should now be working correctly. If not, try to check all the mentioned steps and verify your procedure.
The same procedure must be met for any other SNMPv3 devices and their SNMPv3 traps/informs (not just RipEX).
Now Zabbix is ready to receive SNMP traps/informs from all RipEX stations and enter them into the database properly. In order to test it, force the trap to be sent from any RipEX and see whether it appears in the Zabbix front-end. If not, check that the respective UDP port (162) is enabled at your firewall and check the settings again. You can also execute Tcpdump or Wireshark at the selected interface of your Zabbix server or somewhere along the intended packet path.
Another basic test can be run using the following command:
zabbix_sender -z localhost -p 10051 -s "192.168.10.1" -k trpTemp -o "trpTemp, ALARM: ON"
The IP address of your RipEX station is 192.168.10.1, key is “trpTemp” and the message for the Zabbix server is “trpTemp, ALARM: ON”. The command should trigger the host’s ” temperature exceeded the threshold” alarm. Note that you need to have a host configured with this IP address, otherwise the trap will not be shown.
It is important to set the KEY value correctly, otherwise the trap/inform would not match the trigger. See more KEY values with their description below:
trpRssIPAddress – Remote station RSS value out of range (Replace the IPAddress with a real remote RipEX IP address)
trpDqIPAddress – Remote station DQ value out of range (Replace the IPAddress with a real remote RipEX IP address)
ttrpTxLost – TX Lost value out of range
trpUcc – UCC value out of range
trpTemp – Modem temperature value out of range
trpRfpwr – RF power value out of range
trpLanPr – Ethernet RX/TX packet ratio out of range
trpCom1Pr – COM1 RX/TX packet ratio out of range
trpCom2Pr – COM2 RX/TX packet ratio out of range
trpHwIn – HW input in the alarm state
trpHotStby – Modem becomes active in a Hot-Standby mode
trpBpath – Backup path state has changed
trpBpathAlt – Alternative path state has changed
trpUnitReady – Unit ready signal has changed
If you want to clear the trap/inform alarm, just repeat the same zabbix_sender command, but change the message to contain the word “OFF”. E.g. “ALARM OFF”.
You can also see Trap’s output in Monitoring → Latest Data → TRAPS of your RipEX station → History. The displayed information differs based on the trap received. See the detailed description in the respective Zabbix item.