bitratio
commented
8 years ago I have the same update, is the plugin going to translate the traps or is this being worked on at all?
Closed pbastien closed 8 years ago
bitratio
commented
8 years ago I have the same update, is the plugin going to translate the traps or is this being worked on at all?
cvtienhoven
commented
8 years ago With VMWare MIB's, I also ran into the issue that the fields were like this:
snmp_1_3_6_1_4_1_6876_4_3_304_0
After some research, it turned out that there was an ordering issue in the loading of the MIB files. If you have a collection of MIB's with filenames, they will probably be loaded in alphabetical order, which might not be correct. In my case, there was a README from VMWare that stated the correct load order to prevent lookup errors. I created numberic subdirs in my MIB load path, with the MIB files distributed along these dirs to force the load order. After that the fields were displayed correctly.
mariussturm
commented
8 years ago @cvtienhoven thats a good point. Could you please point me to the VMWare docs? Maybe we can put a note about that in the README of the plugin to give other users some guidance.
cvtienhoven
commented
8 years ago @mariussturm There is not much online documentation about this, but this is the README file from the ESX MIB zip which specifies the load order: README
The original zip can be downloaded here: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1013445
mariussturm
commented
8 years ago Cool, thanks!
mariussturm
commented
8 years ago For the record, the plugin is translating the OIDs if it can resolve the ID. So the user have to make sure that MIB's are loaded correctly. I have put a note about this in the README: https://github.com/Graylog2/graylog-plugin-snmp/commit/391d79f82491ccbf82664ae8ee4ed368af20356d
After upgrading graylog and elasticsearch just to get the snmp plugin, I'm disappointed that the input stream only displays the version 2c OID in numeric, not text format. Should the plugin display the text translation of the OID? I get no OID info on v1 traps at all. Is there a document that discusses what the plugin actually should display so I know if this is the expected output? Since snmptranslate on the graylog server returns the OID's text information using the plugin's default mib paths, it seems that the plugin should be finding those mibs for translation also. If only the numeric OID is the deigned output behavior, is there a graylog function to extend the plugin to translate and display the text OID for a more user-friendly interface? Sorry for the long message. Thanks.