def run(self): self.running = True self.queue = Queue.Queue() # Create internal queue self.db = Mongo() # mongo database self.carbon = Carbon() # carbon metrics self.statsd = StatsD() # graphite metrics # Connect to message queue self.mq = Messaging() self.mq.connect( callback=ServerMessage(self.mq, self.queue, self.statsd)) self.mq.subscribe() # Start worker threads LOG.debug('Starting %s worker threads...', CONF.server_threads) for i in range(CONF.server_threads): w = WorkerThread(self.mq, self.queue, self.statsd) try: w.start() except Exception, e: LOG.error('Worker thread #%s did not start: %s', i, e) continue LOG.info('Started worker thread: %s', w.getName())
class SnmpTrapHandler(object): def __init__(self, prog, disable_flag=None): self.prog = prog self.disable_flag = disable_flag or CONF.disable_flag def start(self): LOG.info('Starting %s...' % self.prog) self.skip_on_disable() self.run() def skip_on_disable(self): if os.path.isfile(self.disable_flag): LOG.warning('Disable flag %s exists. Skipping...', self.disable_flag) sys.exit(0) def run(self): self.statsd = StatsD() # graphite metrics data = sys.stdin.read() LOG.info('snmptrapd -> %r', data) data = unicode(data, 'utf-8', errors='ignore') LOG.debug('unicoded -> %s', data) snmptrapAlert = SnmpTrapHandler.parse_snmptrap(data) self.api = ApiClient() if snmptrapAlert: try: self.api.send(snmptrapAlert) except Exception, e: LOG.warning('Failed to send alert: %s', e) self.statsd.metric_send('alert.snmptrap.alerts.total', 1) LOG.debug('Send heartbeat...') heartbeat = Heartbeat(tags=[__version__]) try: self.api.send(heartbeat) except Exception, e: LOG.warning('Failed to send heartbeat: %s', e)
def run(self): self.statsd = StatsD() # graphite metrics data = sys.stdin.read() LOG.info('snmptrapd -> %r', data) data = unicode(data, 'utf-8', errors='ignore') LOG.debug('unicoded -> %s', data) snmptrapAlert = SnmpTrapHandler.parse_snmptrap(data) self.api = ApiClient() if snmptrapAlert: self.api.send(snmptrapAlert) self.statsd.metric_send('alert.snmptrap.alerts.total', 1) LOG.debug('Send heartbeat...') heartbeat = Heartbeat(version=Version) self.api.send(heartbeat)
def run(self): self.statsd = StatsD() # graphite metrics data = sys.stdin.read() LOG.info('snmptrapd -> %r', data) data = unicode(data, 'utf-8', errors='ignore') LOG.debug('unicoded -> %s', data) snmptrapAlert = SnmpTrapHandler.parse_snmptrap(data) self.api = ApiClient() if snmptrapAlert: try: self.api.send(snmptrapAlert) except Exception, e: LOG.warning('Failed to send alert: %s', e) self.statsd.metric_send('alert.snmptrap.alerts.total', 1)
def run(self): self.running = True self.statsd = StatsD() # graphite metrics # Connect to message queue self.mq = Messaging() self.mq.connect(callback=CloudWatchMessage(self.mq)) self.dedup = DeDup(by_value=True) LOG.info('Connecting to SQS queue %s', CONF.cloudwatch_sqs_queue) try: sqs = boto.sqs.connect_to_region( CONF.cloudwatch_sqs_region, aws_access_key_id=CONF.cloudwatch_access_key, aws_secret_access_key=CONF.cloudwatch_secret_key) except boto.exception.SQSError, e: LOG.error('SQS API call failed: %s', e) sys.exit(1)
class QueryClient(object): def main(self): api = ApiClient() query = dict() self.tag_is_key_value = True self.now = datetime.datetime.utcnow() from_time = self.now if CONF.minutes or CONF.hours or CONF.days: from_time = self.now - datetime.timedelta( days=CONF.days, minutes=CONF.minutes + CONF.hours * 60) query['from-date'] = from_time.replace(microsecond=0).isoformat( ) + ".%03dZ" % (from_time.microsecond // 1000) elif CONF.watch: query['from-date'] = from_time.replace(microsecond=0).isoformat( ) + ".%03dZ" % (from_time.microsecond // 1000) self.now = self.now.replace(tzinfo=pytz.utc) from_time = from_time.replace(tzinfo=pytz.utc) if CONF.alertid: query['id'] = CONF.alertid if CONF.environment: query['environment'] = CONF.environment if CONF.not_environment: query['environment!'] = CONF.not_environment if CONF.service: query['service'] = CONF.service if CONF.not_service: query['service!'] = CONF.not_service if CONF.resource: query['resource'] = CONF.resource if CONF.not_resource: query['resource!'] = CONF.not_resource if CONF.severity: query['severity'] = CONF.severity if CONF.not_severity: query['severity!'] = CONF.not_severity if not CONF.status: query['status'] = [ status_code.OPEN, status_code.ACK, status_code.CLOSED ] if CONF.status: query['status'] = CONF.status if CONF.not_status: query['status!'] = CONF.not_status if CONF.event: query['event'] = CONF.event if CONF.not_event: query['event!'] = CONF.not_event if CONF.group: query['group'] = CONF.group if CONF.not_group: query['group!'] = CONF.not_group if CONF.value: query['value'] = CONF.value if CONF.not_value: query['value!'] = CONF.not_value if CONF.origin: query['origin'] = CONF.origin if CONF.not_origin: query['origin!'] = CONF.not_origin if CONF.tags: for tag in CONF.tags: key, value = tag.split('=') query['tags.' + key] = value if CONF.not_tags: for tag in CONF.not_tags: key, value = tag.split('=') query['tags.' + key + '!'] = value if CONF.text: query['text'] = CONF.text if CONF.not_text: query['text!'] = CONF.not_text if CONF.event_type: query['type'] = CONF.event_type if CONF.not_event_type: query['type!'] = CONF.not_event_type if CONF.repeat: query['repeat'] = CONF.repeat if CONF.sortby: query['sort-by'] = CONF.sortby if CONF.limit: query['limit'] = CONF.limit if CONF.show == ['counts']: query['hide-alert-details'] = 'true' if CONF.oneline: CONF.format = '{i} {rd} {sa} {E} {S} {r} {g} {e} {v} {t}' if CONF.query: query['q'] = CONF.query if CONF.json: CONF.output = 'json' self.tz = pytz.timezone(CONF.timezone) if CONF.output == 'table': pt = prettytable.PrettyTable([ "Alert ID", "Last Receive Time", "Severity", "Dupl.", "Environment", "Service", "Resource", "Group", "Event", "Value" ]) col_text = [] elif not CONF.noheader: print "Alerta Report Tool" print " api server: %s:%s" % (CONF.api_host, CONF.api_port) print " timezone: %s" % CONF.timezone if CONF.minutes or CONF.hours or CONF.days: print " interval: %s - %s" % (self._format_date(from_time), self._format_date(self.now)) if CONF.show: print " show: %s" % ','.join(CONF.show) if CONF.sortby: print " sort by: %s" % CONF.sortby if CONF.alertid: print " alert id: ^%s" % ','.join(CONF.alertid) if CONF.environment: print " environment: %s" % ','.join(CONF.environment) if CONF.not_environment: print " environment: (not) %s" % ','.join(CONF.not_environment) if CONF.service: print " service: %s" % ','.join(CONF.service) if CONF.not_service: print " service: (not) %s" % ','.join(CONF.not_service) if CONF.resource: print " resource: %s" % ','.join(CONF.resource) if CONF.not_resource: print " resource: (not) %s" % ','.join(CONF.not_resource) if CONF.origin: print " origin: %s" % ','.join(CONF.origin) if CONF.not_origin: print " origin: (not) %s" % ','.join(CONF.not_origin) if CONF.severity: print " severity: %s" % ','.join(CONF.severity) if CONF.not_severity: print " severity: (not) %s" % ','.join(CONF.not_severity) if CONF.status: print " status: %s" % ','.join(CONF.status) if CONF.not_status: print " status: (not) %s" % ','.join(CONF.not_status) if CONF.event: print " event: %s" % ','.join(CONF.event) if CONF.not_event: print " event: (not) %s" % ','.join(CONF.not_event) if CONF.group: print " group: %s" % ','.join(CONF.group) if CONF.not_group: print " group: (not) %s" % ','.join(CONF.not_group) if CONF.value: print " value: %s" % ','.join(CONF.value) if CONF.not_value: print " value: (not) %s" % ','.join(CONF.not_value) if CONF.text: print " text: %s" % ','.join(CONF.text) if CONF.not_text: print " text: (not) %s" % ','.join(CONF.not_text) if CONF.tags: print " tags: %s" % ','.join(CONF.tags) if CONF.not_tags: print " tags: (not) %s" % ','.join(CONF.not_tags) if CONF.event_type: print " event type: %s" % ','.join(CONF.event_type) if CONF.not_event_type: print " event type: (not) %s" % ','.join(CONF.not_event_type) if CONF.repeat: print " repeats: %s" % CONF.repeat if CONF.limit: print " count: %d" % CONF.limit if CONF.query: print " query: %s" % CONF.query if CONF.delete: print " action: DELETE" print if 'some' in CONF.show: CONF.show.append('text') CONF.show.append('details') elif 'all' in CONF.show: CONF.show.append('text') CONF.show.append('attributes') CONF.show.append('times') CONF.show.append('details') CONF.show.append('tags') line_color = '' end_color = '' if 'color' in CONF.show or CONF.color or os.environ.get( 'CLICOLOR', None): end_color = severity_code.ENDC # Query API for alerts while True: start = time.time() try: response = api.query(query) except (KeyboardInterrupt, SystemExit): sys.exit(0) end = time.time() if response['status'] == 'error': print "ERROR: %s" % (response['message']) LOG.error('%s', response['message']) sys.exit(1) if CONF.sortby in ['createTime', 'receiveTime', 'lastReceiveTime']: alertDetails = reversed(response['alerts']['alertDetails']) else: alertDetails = response['alerts']['alertDetails'] count = 0 for alert in alertDetails: resource = alert.get('resource', None) event = alert.get('event', None) correlate = alert.get('correlatedEvents', None) group = alert.get('group', None) value = alert.get('value', None) current_status = status_code.parse_status( alert.get('status', None)) current_severity = severity_code.parse_severity( alert.get('severity', None)) previous_severity = severity_code.parse_severity( alert.get('previousSeverity', None)) environment = alert.get('environment', None) service = alert.get('service', None) text = alert.get('text', None) event_type = alert.get('type', None) tags = alert.get('tags', None) origin = alert.get('origin', None) repeat = alert.get('repeat', False) duplicate_count = int(alert.get('duplicateCount', 0)) threshold_info = alert.get('thresholdInfo', None) summary = alert.get('summary', None) timeout = alert.get('timeout', 0) alertid = alert.get('id', None) raw_data = alert.get('rawData', None) last_receive_id = alert.get('lastReceiveId', None) create_time = datetime.datetime.strptime( alert.get('createTime', None), '%Y-%m-%dT%H:%M:%S.%fZ') create_time = create_time.replace(tzinfo=pytz.utc) create_time_epoch = time.mktime(create_time.timetuple()) receive_time = datetime.datetime.strptime( alert.get('receiveTime', None), '%Y-%m-%dT%H:%M:%S.%fZ') receive_time = receive_time.replace(tzinfo=pytz.utc) receive_time_epoch = time.mktime(receive_time.timetuple()) last_receive_time = datetime.datetime.strptime( alert.get('lastReceiveTime', None), '%Y-%m-%dT%H:%M:%S.%fZ') last_receive_time = last_receive_time.replace(tzinfo=pytz.utc) last_receive_time_epoch = time.mktime( last_receive_time.timetuple()) expire_time = datetime.datetime.strptime( alert.get('expireTime', None), '%Y-%m-%dT%H:%M:%S.%fZ') expire_time = expire_time.replace(tzinfo=pytz.utc) expire_time_epoch = time.mktime(expire_time.timetuple()) trend_indication = alert.get('trendIndication', None) more_info = alert.get('moreInfo', 'n/a') graph_urls = alert.get('graphUrls', ['n/a']) delta = receive_time - create_time latency = int(delta.days * 24 * 60 * 60 * 1000 + delta.seconds * 1000 + delta.microseconds / 1000) format_kwargs = { 'I': alertid, 'i': alertid[0:8], 'r': resource, 'e': event, 'C': ','.join(correlate), 'g': group, 'v': value, 'st': current_status.capitalize(), 's': current_severity.capitalize(), 'sa': severity_code._ABBREV_SEVERITY_MAP.get( current_severity, '****'), 'sc': severity_code.name_to_code(current_severity), 'sP': previous_severity.capitalize(), 'sPa': severity_code._ABBREV_SEVERITY_MAP.get( previous_severity, '****'), 'sPc': severity_code.name_to_code(previous_severity), 'E': ','.join(environment), 'S': ','.join(service), 't': text.encode('utf-8'), 'eT': event_type, 'T': ','.join(tags), 'O': origin, 'R': repeat, 'D': duplicate_count, 'th': threshold_info, 'y': summary, 'o': timeout, 'B': raw_data, 'ti': trend_indication, 'm': more_info, 'u': ','.join(graph_urls), 'L': latency, 'lrI': last_receive_id, 'lri': last_receive_id[0:8], 'ci': create_time.replace(microsecond=0).isoformat() + ".%03dZ" % (create_time.microsecond // 1000), 'ct': create_time_epoch, 'cd': self._format_date(create_time), 'cD': utils.formatdate(create_time_epoch), 'ri': receive_time.replace(microsecond=0).isoformat() + ".%03dZ" % (receive_time.microsecond // 1000), 'rt': receive_time_epoch, 'rd': self._format_date(receive_time), 'rD': utils.formatdate(receive_time_epoch), 'li': last_receive_time.replace(microsecond=0).isoformat() + ".%03dZ" % (last_receive_time.microsecond // 1000), 'lt': last_receive_time_epoch, 'ld': self._format_date(last_receive_time), 'lD': utils.formatdate(last_receive_time_epoch), 'ei': expire_time.replace(microsecond=0).isoformat() + ".%03dZ" % (expire_time.microsecond // 1000), 'et': expire_time_epoch, 'ed': self._format_date(expire_time), 'eD': utils.formatdate(expire_time_epoch), 'n': '\n', } count += 1 if CONF.delete: try: response = api.delete(alertid) except (KeyboardInterrupt, SystemExit): sys.exit(0) print(line_color + 'DELETE %s %s' % (alertid, response['status']) + end_color) continue if 'color' in CONF.show or CONF.color or os.environ.get( 'CLICOLOR', None): line_color = severity_code._COLOR_MAP[current_severity] if CONF.output == 'json': print(line_color + json.dumps(alert, indent=4) + end_color) continue if CONF.sortby == 'createTime': displayTime = create_time elif CONF.sortby == 'receiveTime': displayTime = receive_time else: displayTime = last_receive_time if CONF.output == 'table': pt.add_row([ alertid, self._format_date(displayTime), severity_code._ABBREV_SEVERITY_MAP.get( current_severity, '****'), duplicate_count, ','.join(environment), ','.join(service), resource, group, event, value ]) if 'text' in CONF.show: col_text.append(text) continue if CONF.format: try: print line_color + CONF.format.format( **format_kwargs) + end_color except (KeyError, IndexError), e: print 'Format error: %s' % e LOG.error('Format error: %s', e) continue if 'summary' in CONF.show: print(line_color + '%s' % summary + end_color) else: print( line_color + '%s|%s|%s|%5d|%-5s|%-10s|%-18s|%12s|%16s|%12s' % (alertid[0:8], self._format_date(displayTime), severity_code._ABBREV_SEVERITY_MAP.get( current_severity, '****'), duplicate_count, ','.join(environment), ','.join(service), resource, group, event, value) + end_color) if 'text' in CONF.show: print(line_color + ' |%s' % (text.encode('utf-8')) + end_color) if 'attributes' in CONF.show: print( line_color + ' severity | %s (%s) -> %s (%s)' % (previous_severity.capitalize(), severity_code.name_to_code(previous_severity), current_severity.capitalize(), severity_code.name_to_code(current_severity)) + end_color) print(line_color + ' trend | %s' % trend_indication + end_color) print(line_color + ' status | %s' % current_status.capitalize() + end_color) print(line_color + ' resource | %s' % resource + end_color) print(line_color + ' group | %s' % group + end_color) print(line_color + ' event | %s' % event + end_color) print(line_color + ' value | %s' % value + end_color) if 'times' in CONF.show: print( line_color + ' time created | %s' % (self._format_date(create_time)) + end_color) print( line_color + ' time received | %s' % (self._format_date(receive_time)) + end_color) print( line_color + ' last received | %s' % (self._format_date(last_receive_time)) + end_color) print(line_color + ' latency | %sms' % latency + end_color) print(line_color + ' timeout | %ss' % timeout + end_color) if expire_time: print( line_color + ' expire time | %s' % (self._format_date(expire_time)) + end_color) if 'details' in CONF.show: print(line_color + ' alert id | %s' % alertid + end_color) print(line_color + ' last recv id | %s' % last_receive_id + end_color) print( line_color + ' environment | %s' % (','.join(environment)) + end_color) print(line_color + ' service | %s' % (','.join(service)) + end_color) print(line_color + ' resource | %s' % resource + end_color) print(line_color + ' type | %s' % event_type + end_color) print(line_color + ' repeat | %s' % repeat + end_color) print(line_color + ' origin | %s' % origin + end_color) print(line_color + ' more info | %s' % more_info + end_color) print(line_color + ' threshold | %s' % threshold_info + end_color) print( line_color + ' correlate | %s' % (','.join(correlate)) + end_color) print( line_color + ' graphs | %s' % (','.join(graph_urls)) + end_color) if 'tags' in CONF.show and tags: if isinstance(tags, list): self.tag_is_key_value = False for tag in enumerate(tags): print(line_color + ' tag %6s | %s' % tag + end_color) else: for tag in tags.items(): print(line_color + ' tag %6s | %s' % tag + end_color) if 'raw' in CONF.show and raw_data: print(line_color + ' | %s' % raw_data + end_color) if 'history' in CONF.show: for hist in alert['history']: if 'event' in hist: alertid = hist['id'] create_time = datetime.datetime.strptime( hist['createTime'], '%Y-%m-%dT%H:%M:%S.%fZ') create_time = create_time.replace(tzinfo=pytz.utc) event = hist['event'] receive_time = datetime.datetime.strptime( hist['receiveTime'], '%Y-%m-%dT%H:%M:%S.%fZ') receive_time = receive_time.replace( tzinfo=pytz.utc) value = hist['value'] text = hist['text'] print( line_color + ' %s|%s|%s|%-18s|%12s|%16s|%12s' % (alertid[0:8], self._format_date(receive_time), severity_code._ABBREV_SEVERITY_MAP[ hist['severity']], resource, group, event, value) + end_color) print(line_color + ' |%s' % (text.encode('utf-8')) + end_color) if 'status' in hist: update_time = datetime.datetime.strptime( hist['updateTime'], '%Y-%m-%dT%H:%M:%S.%fZ') update_time = update_time.replace(tzinfo=pytz.utc) print( line_color + ' %s|%-8s %s' % (self._format_date(update_time), hist['status'], hist['text']) + end_color) if CONF.watch: try: time.sleep(CONF.interval) except (KeyboardInterrupt, SystemExit): sys.exit(0) query['from-date'] = response['alerts']['lastTime'] else: break if 'counts' in CONF.show: print print('%s|%s|%s' + ' ') % (status_code.OPEN, status_code.ACK, status_code.CLOSED), print('Crit|Majr|Minr|Warn|Norm|Info|Dbug') print('%4d' % response['alerts']['statusCounts']['open'] + ' ' + '%3d' % response['alerts']['statusCounts']['ack'] + ' ' + '%6d' % response['alerts']['statusCounts']['closed'] + ' '), print( severity_code._COLOR_MAP[severity_code.CRITICAL] + '%4d' % response['alerts']['severityCounts']['critical'] + severity_code.ENDC + ' ' + severity_code._COLOR_MAP[severity_code.MAJOR] + '%4d' % response['alerts']['severityCounts']['major'] + severity_code.ENDC + ' ' + severity_code._COLOR_MAP[severity_code.MINOR] + '%4d' % response['alerts']['severityCounts']['minor'] + severity_code.ENDC + ' ' + severity_code._COLOR_MAP[severity_code.WARNING] + '%4d' % response['alerts']['severityCounts']['warning'] + severity_code.ENDC + ' ' + severity_code._COLOR_MAP[severity_code.NORMAL] + '%4d' % response['alerts']['severityCounts']['normal'] + severity_code.ENDC + ' ' + severity_code._COLOR_MAP[severity_code.INFORM] + '%4d' % response['alerts']['severityCounts']['informational'] + severity_code.ENDC + ' ' + severity_code._COLOR_MAP[severity_code.DEBUG] + '%4d' % response['alerts']['severityCounts']['debug'] + severity_code.ENDC) response_time = int((end - start) * 1000) if CONF.output == 'table': if 'text' in CONF.show: pt.add_column("Text", col_text) print pt elif not CONF.nofooter: if 'more' in response and response['more']: has_more = '+' else: has_more = '' print print "Total: %d%s (produced on %s at %s by %s,v%s on %s in %sms)" % ( count, has_more, self.now.astimezone( self.tz).strftime("%d/%m/%y"), self.now.astimezone( self.tz).strftime("%H:%M:%S %Z"), os.path.basename( sys.argv[0]), Version, os.uname()[1], response_time) if not self.tag_is_key_value: LOG.warning( "Tags as lists of values are deprecated. Tags are now key-value pairs." ) statsd = StatsD() statsd.metric_send('alert.query.response_time.client', response_time, 'ms')
severity_code._COLOR_MAP[ severity_code.DEBUG] + '%4d' % response['alerts']['severityCounts']['debug'] + severity_code.ENDC) response_time = int((end - start) * 1000) if not CONF.nofooter: if response['more']: has_more = '+' else: has_more = '' print print "Total: %d%s (produced on %s at %s by %s,v%s on %s in %sms)" % ( count, has_more, self.now.astimezone(self.tz).strftime("%d/%m/%y"), self.now.astimezone(self.tz).strftime("%H:%M:%S %Z"), os.path.basename(sys.argv[0]), Version, os.uname()[1], response_time) statsd = StatsD() statsd.metric_send('alert.query.response_time.client', response_time, 'ms') def _format_date(self, event_time): if CONF.date == 'relative': event_time = event_time.replace(tzinfo=pytz.utc) event_time = event_time.astimezone(self.tz) return relative_date(event_time, self.now) elif CONF.date == 'local': return event_time.astimezone(self.tz).strftime('%Y/%m/%d %H:%M:%S') elif CONF.date == 'iso' or CONF.date == 'iso8601': return event_time.replace(microsecond=0).isoformat() + ".%03dZ" % (event_time.microsecond // 1000) elif CONF.date == 'rfc' or CONF.date == 'rfc2822': return utils.formatdate(time.mktime(event_time.timetuple())) elif CONF.date == 'short':
class SnmpTrapHandler(object): def __init__(self, prog, disable_flag=None): self.prog = prog self.disable_flag = disable_flag or CONF.disable_flag def start(self): LOG.info('Starting %s...' % self.prog) self.skip_on_disable() self.run() def skip_on_disable(self): if os.path.isfile(self.disable_flag): LOG.warning('Disable flag %s exists. Skipping...', self.disable_flag) sys.exit(0) def run(self): self.statsd = StatsD() # graphite metrics data = sys.stdin.read() LOG.info('snmptrapd -> %r', data) data = unicode(data, 'utf-8', errors='ignore') LOG.debug('unicoded -> %s', data) snmptrapAlert = SnmpTrapHandler.parse_snmptrap(data) self.api = ApiClient() if snmptrapAlert: self.api.send(snmptrapAlert) self.statsd.metric_send('alert.snmptrap.alerts.total', 1) LOG.debug('Send heartbeat...') heartbeat = Heartbeat(version=Version) self.api.send(heartbeat) @staticmethod def parse_snmptrap(data): pdu_data = data.splitlines() varbind_list = pdu_data[:] trapvars = dict() for line in pdu_data: if line.startswith('$'): special, value = line.split(None, 1) trapvars[special] = value varbind_list.pop(0) if '$s' in trapvars: if trapvars['$s'] == '0': version = 'SNMPv1' elif trapvars['$s'] == '1': version = 'SNMPv2c' elif trapvars['$s'] == '2': version = 'SNMPv2u' # not supported else: version = 'SNMPv3' trapvars['$s'] = version # Get varbinds varbinds = dict() idx = 0 for varbind in '\n'.join(varbind_list).split('~%~'): if varbind == '': break idx += 1 try: oid, value = varbind.split(None, 1) except ValueError: oid = varbind value = '' varbinds[oid] = value trapvars['$' + str(idx)] = value # $n LOG.debug('$%s %s', str(idx), value) trapvars['$q'] = trapvars['$q'].lstrip('.') # if numeric, remove leading '.' trapvars['$#'] = str(idx) LOG.debug('varbinds = %s', varbinds) LOG.debug('version = %s', version) correlate = list() if version == 'SNMPv1': if trapvars['$w'] == '0': trapvars['$O'] = 'coldStart' correlate = ['coldStart', 'warmStart'] elif trapvars['$w'] == '1': trapvars['$O'] = 'warmStart' correlate = ['coldStart', 'warmStart'] elif trapvars['$w'] == '2': trapvars['$O'] = 'linkDown' correlate = ['linkUp', 'linkDown'] elif trapvars['$w'] == '3': trapvars['$O'] = 'linkUp' correlate = ['linkUp', 'linkDown'] elif trapvars['$w'] == '4': trapvars['$O'] = 'authenticationFailure' elif trapvars['$w'] == '5': trapvars['$O'] = 'egpNeighborLoss' elif trapvars['$w'] == '6': # enterpriseSpecific(6) if trapvars['$q'].isdigit(): # XXX - specific trap number was not decoded trapvars['$O'] = '%s.0.%s' % (trapvars['$N'], trapvars['$q']) else: trapvars['$O'] = trapvars['$q'] elif version == 'SNMPv2c': if 'coldStart' in trapvars['$2']: trapvars['$w'] = '0' trapvars['$W'] = 'Cold Start' elif 'warmStart' in trapvars['$2']: trapvars['$w'] = '1' trapvars['$W'] = 'Warm Start' elif 'linkDown' in trapvars['$2']: trapvars['$w'] = '2' trapvars['$W'] = 'Link Down' elif 'linkUp' in trapvars['$2']: trapvars['$w'] = '3' trapvars['$W'] = 'Link Up' elif 'authenticationFailure' in trapvars['$2']: trapvars['$w'] = '4' trapvars['$W'] = 'Authentication Failure' elif 'egpNeighborLoss' in trapvars['$2']: trapvars['$w'] = '5' trapvars['$W'] = 'EGP Neighbor Loss' else: trapvars['$w'] = '6' trapvars['$W'] = 'Enterprise Specific' trapvars['$O'] = trapvars['$2'] # SNMPv2-MIB::snmpTrapOID.0 LOG.debug('trapvars = %s', trapvars) LOG.info('%s-Trap-PDU %s from %s at %s %s', version, trapvars['$O'], trapvars['$B'], trapvars['$x'], trapvars['$X']) if trapvars['$B'] != '<UNKNOWN>': resource = trapvars['$B'] elif trapvars['$A'] != '0.0.0.0': resource = trapvars['$A'] else: m = re.match(r'UDP: \[(\d+\.\d+\.\d+\.\d+)\]', trapvars['$b']) if m: resource = m.group(1) else: resource = '<NONE>' # Defaults event = trapvars['$O'] severity = severity_code.NORMAL group = 'SNMP' value = trapvars['$w'] text = trapvars['$W'] environment = ['INFRA'] service = ['Network'] tags = {'Version': version} timeout = None threshold_info = None summary = None create_time = datetime.datetime.strptime('%sT%s.000Z' % (trapvars['$x'], trapvars['$X']), '%Y-%m-%dT%H:%M:%S.%fZ') snmptrapAlert = Alert( resource=resource, event=event, correlate=correlate, group=group, value=value, severity=severity, environment=environment, service=service, text=text, event_type='snmptrapAlert', tags=tags, timeout=timeout, threshold_info=threshold_info, summary=summary, create_time=create_time, raw_data=data, ) suppress = snmptrapAlert.transform_alert(trapoid=trapvars['$O'], trapvars=trapvars, varbinds=varbinds) if suppress: LOG.info('Suppressing %s SNMP trap', snmptrapAlert.event) LOG.debug('%s', snmptrapAlert) return snmptrapAlert.translate_alert(trapvars) if snmptrapAlert.get_type() == 'Heartbeat': snmptrapAlert = Heartbeat(origin=snmptrapAlert.origin, version='n/a', timeout=snmptrapAlert.timeout) return snmptrapAlert