1136818 – [Notification][SNMP] modify the oid schema for SNMP notification - to be usable

Bug 1136818 - [Notification][SNMP] modify the oid schema for SNMP notification - to be usable

Summary: [Notification][SNMP] modify the oid schema for SNMP notification - to be usable

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	oVirt
Classification:	Retired
Component:	ovirt-engine-notificiations
Sub Component:
Version:	3.4
Hardware:	All
OS:	All
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	3.5.1
Assignee:	Mooli Tayer
QA Contact:	Jiri Belka
Docs Contact:
URL:
Whiteboard:	infra
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-09-03 11:41 UTC by Mooli Tayer
Modified:	2016-02-10 19:32 UTC (History)
CC List:	15 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2015-01-21 16:06:30 UTC
oVirt Team:	Infra
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
sample redhat MIB (310 bytes, text/plain) 2014-09-03 11:41 UTC, Mooli Tayer	no flags	Details
traps after translation using the mib (3.25 KB, text/plain) 2014-09-21 10:04 UTC, Mooli Tayer	no flags	Details
nagios_01 (331.23 KB, image/png) 2014-09-23 12:00 UTC, Mooli Tayer	no flags	Details
nagios_02 (313.87 KB, image/png) 2014-09-23 12:01 UTC, Mooli Tayer	no flags	Details
zabbix_01 (191.34 KB, image/png) 2014-09-23 16:01 UTC, Mooli Tayer	no flags	Details
trap (219.91 KB, image/png) 2015-01-08 13:15 UTC, Jiri Belka	no flags	Details
View All

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Knowledge Base (Solution)	1228783	None	None	None	Never
oVirt gerrit	32951	master	MERGED	notifier: modify the oid schema for SNMP notification.	Never
oVirt gerrit	33744	ovirt-engine-3.5	MERGED	notifier: modify the oid schema for SNMP notification.	Never

Description Mooli Tayer 2014-09-03 11:41:18 UTC

Created attachment 934049 [details]
sample redhat MIB

Benefit to ovirt:
Allow an easy integration with monitoring applications(e.g nagious).

Impact:
Configuration would not have to change although the traps would change
so monitoring triggers might have to be redefined.

Current state:
SNMP traps are being sent from ovirt-engine-notifier, see example[1].

The current OID's sent make it hard to define them under a simple MIB
as we nest all data fields under the id of a specific ALT (AuditLogType).
In order to create a MIB file we would have to parse AuditLogType at each build
and define all ALT in it and for each one define the objects that exist under
it (severity, message type, message text, etc.).

The idea is to have a simple tree MIB under 1.3.6.1.4.1.2312.13.1.1 (===baseoid)
(same as now, so configuration would not need to change)
Where we would define 2 entities:

baseoid.notification.trap[3.1]:
an OID representing trap messages by ovirt-engine-notifier, 
it will be the value of the generic key: SNMPv2-MIB::snmpTrapOID

baseoid.object[3.2]:
baseoid.object.auditlog.alt     (string e.g VDC_STOP)
baseoid.object.auditlog.id      (int e.g 2)
baseoid.object.auditlog.message 
baseoid.object.auditlog.sevirity
baseoid.object.auditlog.type
baseoid.object.auditlog.logTime
baseoid.object.auditlog.userName
baseoid.object.auditlog.vmName
baseoid.object.auditlog.vdsName
baseoid.object.auditlog.vmTemplateName
baseoid.object.auditlog.storagePoolName
baseoid.object.auditlog.storageDomainName
(If a field does not exist for a certain audit message, it will not be included)

In this manner we have the id as a value and not an OID.

A sample message after the change is provided[3].

Additional info:

* 2312 is the OID registered for redhat[2], although we would probably 
  need to distribute a REDHAT-MIB file do define notifications under it.
  A first draft for such is attached.

* We currently define 1.3.6.1.4.1.2312.13.1.1 ovirt-engine-notifier.conf as:
  iso.organization.DoD.Internet.private.enterprises.redhat.ovirt-engine.notifications.audit-log
  We would like to redefine (the same OID) as:
  iso.organization.DoD.Internet.private.enterprises.redhat.ovirt.ovirt-engine.notifications
  as this will allow us in the future to define OID for messages from different
  ovirt entities(e.g hosts).

* We currently append 0[1] after the event id to designate it as
  ENTERPRISE_SPECIFIC trap we would like to drop this as it is unneeded for
  snmpv2 support.

--------------------------------------------------------------------
[1]
Current traps as received by a snmptrapd (line breaks added):
2014-09-02 17:57:03 dhcp-1-204.tlv.redhat.com [UDP: [10.35.1.204]:46652->[10.35.215.71]:162]:
SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.2312.13.1.1.0.2
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (3794) 0:00:37.94
SNMPv2-SMI::enterprises.2312.13.1.1.0.2.0 = STRING: "Engine server is not responding."
SNMPv2-SMI::enterprises.2312.13.1.1.0.2.1 = STRING: "ERROR"
SNMPv2-SMI::enterprises.2312.13.1.1.0.2.2 = STRING: "alertMessage"
SNMPv2-SMI::enterprises.2312.13.1.1.0.2.3 = STRING: "2014-09-02 10:56:26.176
SNMPv2-SMI::enterprises.2312.13.1.1.0.2.4 = STRING: "VDC_STOP"

[2] http://www.alvestrand.no/objectid/1.3.6.1.4.1.2312.html

[3]
2014-09-02 17:57:03 dhcp-1-204.tlv.redhat.com [UDP: [10.35.1.204]:46652->[10.35.215.71]:162]:
SNMPv2-MIB::snmpTrapOID = OID: SNMPv2-SMI::enterprises.2312.13.1.1.1.1[3.1]
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (3794) 0:00:37.94
SNMPv2-SMI::enterprises.2312.13.1.1.2.1.1 = STRING: "VDC_STOP."
SNMPv2-SMI::enterprises.2312.13.1.1.0.2.1 = INTEGER: "3"
...

Given a MIB the numbers above would be translated to meaningful names:
OVIRT-ENGINE-MIB::event_name
OVIRT-ENGINE-MIB::event_id
etc.

Comment 1 Mooli Tayer 2014-09-21 10:04:46 UTC

Created attachment 939726 [details]
traps after translation using the mib

Comment 2 Mooli Tayer 2014-09-23 12:00:41 UTC

Created attachment 940408 [details]
nagios_01

Comment 3 Mooli Tayer 2014-09-23 12:01:09 UTC

Created attachment 940409 [details]
nagios_02

Comment 4 Mooli Tayer 2014-09-23 16:01:03 UTC

Created attachment 940493 [details]
zabbix_01

Comment 5 Mooli Tayer 2014-10-22 19:55:35 UTC

*** Bug 1154352 has been marked as a duplicate of this bug. ***

Comment 6 Alon Bar-Lev 2014-12-02 18:25:46 UTC

can we move this to on_qa?

Comment 7 Jiri Belka 2015-01-08 13:14:56 UTC

ok, vt13.6

mibs opened with ireasoning mib browser and used that as trap receiver.

00:01:10.076396 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 542)
    10.34.61.218.54945 > 10.34.131.34.162:  { SNMPv2c { V2Trap(495) R=192234984  .1.3.6.1.2.1.1.3.0=8831 .1.3.6.1.6.3.1.1.4.1.0=.1.3.6.1.4.1.2312.13.1.1.0.1 .1.3.6.1.4.1.2312.13.1.1.2.1.1="6550" .1.3.6.1.4.1.2312
.13.1.1.2.1.2="VDS_ACTIVATE" .1.3.6.1.4.1.2312.13.1.1.2.1.3=16 .1.3.6.1.4.1.2312.13.1.1.2.1.4=0 .1.3.6.1.4.1.2312.13.1.1.2.1.5="Host dell-r210ii-03.rhev.lab.eng.brq.redhat.com was activated by admin." .1.3.6.1.4.
1.2312.13.1.1.2.1.6=0 .1.3.6.1.4.1.2312.13.1.1.2.1.7="2015-01-08T14:02Z" .1.3.6.1.4.1.2312.13.1.1.2.1.100="admin" .1.3.6.1.4.1.2312.13.1.1.2.1.101="fdfc627c-d875-11e0-90f0-83df133b58cc" .1.3.6.1.4.1.2312.13.1.1.2
.1.104="dell-r210ii-03.rhev.lab.eng.brq.redhat.com" .1.3.6.1.4.1.2312[|snmp] } } 
E.....@.@.c.
"=.
".".....
.[0........public.......uE.......0...0...+.......C.".0..

see screenshot

Comment 8 Jiri Belka 2015-01-08 13:15:19 UTC

Created attachment 977801 [details]
trap

Comment 9 Sandro Bonazzola 2015-01-21 16:06:30 UTC

oVirt 3.5.1 has been released. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.