1. Overview

We use Simple Network Management Protocol (SNMP) to facilitate the management and monitoring of network devices. In particular, managed devices can send asynchronous notifications called SNMP traps to a network management system (NMS) to actively alert administrators about specific events.

In this tutorial, we’ll explore how to send SNMP traps from the command line in Linux, utilizing various tools and libraries.

2. Installing SNMP

When a given event or condition takes place on the network device, it can generate an SNMP trap:

  • system reboot
  • link failure
  • high CPU usage

Furthermore, the trap contains information about the event, such as the type of event and relevant data. They’re useful for monitoring and managing network devices. Moreover, they provide real-time notifications about critical events, enabling us to promptly respond to issues, troubleshoot problems, and ensure the smooth operation of the network infrastructure.

First, let’s tackle all the prerequisites needed to receive SNMP traps.

2.1. Package Installation

To begin with, we’ll check out how to install SNMP and verify a successful installation on Ubuntu version 22.10:

$ sudo apt update
$ sudo apt install -y snmp snmptrapd

In the above example, we use sudo along with apt to update the package lists on the system, ensuring that we have the latest information about available packages. Moreover, we also employ apt to install the snmp and snmptrapd packages. The -y flag automatically confirms any prompts during the installation process.

2.2. Validation Script

Now, let’s check whether the installation of the package is successful or not:

if dpkg -s snmp &> /dev/null && dpkg -s snmptrapd &> /dev/null; then
  echo "SNMP is installed."
  echo "SNMP installation failed."
  exit 1

We use an if-else statement to print SNMP is installed in the terminal using the echo command in case the package is installed successfully. On the other hand, if the installation fails, the statement printed will be SNMP installation failed. In addition, we terminate the script using exit 1 to return a non-zero exit code, indicating a failure.

In essence, we use the dpkg command with the -s option to report the status of the package. Since we’re installing the snmp and snmptrapd packages, we type in both packages in our if condition statement. Finally, the output is discarded to /dev/null.

2.3. Installation Validation

The next step is to save the script in the previous section in a file named snmp_installation.sh, and make it executable:

$ chmod +x snmp_installation.sh

We make the script executable via the x option of the chmod command. In this context, the + sign means we want to add the respective permission.

Let’s run the script and check the output:

$ ./snmp_installation.sh
SNMP is installed

The output from our script indicates the successful installation of our package.

3. Configuring SNMP

After installing the packages, let’s discuss what SNMP configuration file changes we need.

3.1. Creating the Trap Receiver Script

To handle the received SNMP traps, we create a new file /usr/bin/our_snmptrap_script.sh:

$ cat /usr/bin/our_snmptrap_script.sh
# Log file to store received traps
# Timestamp for the trap reception
TIMESTAMP=$(date +"%Y-%m-%d %T")
# Append the received trap details to the log file
echo "Received trap at $TIMESTAMP:" >> $LOG_FILE
echo "----------------------------------" >> $LOG_FILE
echo "$*" >> $LOG_FILE
echo "----------------------------------" >> $LOG_FILE
echo >> $LOG_FILE

The above script initializes two new variables, LOG_FILE and TIMESTAMP:

  • LOG_FILE: points to the newly created text file named /usr/bin/trap_log to store traps
  • TIMESTAMP: formatted to store the date and time of traps

The lines after the initialization format the data about new traps, associate it with the respective TIMESTAMP value, and append it to LOG_FILE.

Lastly, we grant execution permission to the script with chmod:

$ chmod +x /usr/bin/our_snmptrap_script.sh

Now, let’s point to our trap handler via the configuration.

3.2. Editing the snmptrapd Configuration File

The snmptrapd configuration file is usually located at /etc/snmp/snmptrapd.conf.

Subsequently, we can edit this file using a text editor such as nano:

$ sudo nano /etc/snmp/snmptrapd.conf

Initially, we ensure three lines are present in the file:

$ cat /etc/snmp/snmptrapd.conf
disableAuthorization yes
authCommunity log,execute,net public
snmpTrapdAddr udp:1234

In the above example, there are some parameters that may vary from one environment to another:

  • disableAuthorization value of yes disables authorization when sending traps to the SNMP manager
  • authCommunity ensures proper communication between peers, so we might have to change public to the proper community group described in the SNMP trap package configuration
  • snmpTrapdAddr sets the protocol and listening port of the SNMP Trap package

As already mentioned, we use traps to alert the NMS about specific events or conditions that occur on the network device. Accordingly, we uncomment or add a line starting with traphandle. Afterward, we append the actual path and filename of our trap receiver script, /usr/bin/our_snmptrap_script.sh.

So, all our changes are in four lines of /etc/snmp/snmptrapd.conf:

$ cat /etc/snmp/snmptrapd.conf
disableAuthorization yes
authcommunity log,execute,net public 
snmpTrapdAddr udp:1234
traphandle default /usr/bin/our_snmptrap_script.sh

Finally, the configuration is ready, so we can apply it:

$ sudo service snmptrapd restart

We restart the service called snmtrapd to make all our changes effective.

4. Sending SNMP Traps

After finalizing the required installation and preparation needed to ensure the proper functioning of SNMP traps, it’s time to see how to send an actual SNMP trap:

$ snmptrap -v 2c -c public '' SNMPv2-MIB::coldStart SNMPv2-MIB::sysName.0 s "MyDevice"

The snmptrap command sends an SNMP trap to the specified trap receiver, We accomplish this using SNMP version 2c and the community string public. The trap sent is the coldstart trap from the SNMPv2-MIB module, along with the value for the sysName object set to MyDevice.

4.1. Timeticks

One type that we can use with the snmptrap command is t:

$ snmptrap -v 2c -c public '' SNMPv2-MIB::coldStart SNMPv2-MIB::sysName.0 s "MyDevice" SNMPv2-MIB::snmpTrapTime.0 t 300

The 300 (t) TIMETICKS used in the above example measure the time duration between two events or epochs. The only difference here from the previous example is the definition of the SNMP trap time variable, which is SNMPv2-MIB::snmpTrapTime.0. After it, we define the type t that denotes that the value is of the TIMETICKS data type. Finally, the value of 300 represents 3 seconds. In particular, each timetick corresponds to a hundredth of a second.

4.2. Authentication and Encryption

Let’s see how to send an SNMPv3 trap with authentication and encryption:

$ snmptrap -v 3 -l authPriv -u username -a SHA -A auth_password -x AES -X priv_password -e 0x8000000001020304 '' SNMPv2-MIB::coldStart SNMPv2-MIB::sysName.0 s "MyDevice"

In the above code snippet, we use the -v option to specify the SNMP version as SNMPv3. Moreover, the -l authPriv option sets the security level to include both authentication and encryption. The -u and -a options indicate the SNMPv3 username for authentication and encryption and auth_password respectively using the SHA protocol.

On the other hand, -x AES -X priv_password specifies the encryption protocol AES and provides the encryption password. Finally, the -e option followed by 0x8000000001020304 object ID (OID) sets the enterprise OID in hexadecimal format.

5. Conclusion

In this article, we followed the steps to install SNMP on a Ubuntu Linux system. We achieved this by using the apt package manager and verifying its successful installation.

Additionally, we edited the /etc/snmp/snmptrapd.conf file to tailor it to our environment and created a trap handler script.

Finally, we saw that by testing SNMP functionality by sending an actual SNMP trap, we can ensure that SNMP is functioning as expected.