SNMP Alerts

Last modified on March 27, 2024

Simple Network Management Protocol (SNMP) is used to exchange information between hosts in a network that includes network monitoring software. SNMP is widely used in local area networks (LANs) to monitor various network hosts from a single administrative host, called manager. AlertSite can work as an SNMP agent, notifying your SNMP manager about availability problems with your monitored sites.

Overview

Upon error, an SNMP trap is sent to a specific IP address with a trap listener. A Management Information Base (MIB) has been defined in Abstract Syntax Notation One (ASN1) notation and is available here.

SNMP alerts are sent on UDP port 161 or 162. UDP is unreliable over public networks, so we recommend using other notification methods. A possible alternative is to POST the alert to your web server and convert it to a local SNMP trap; see example below.

Alerts are sent from the IP address of the monitoring location that detected the error. You can find a complete list of AlertSite IP addresses here.

SNMP Version Support

Supported SNMP protocols:

  • SNMP Version 1 (SNMPv1)

  • SNMP Version 2c (SNMPv2c)

Creating an SNMP Alert Recipient

To receive alerts via SNMP traps, you need to add the IP address of your trap listener as an alert recipient in AlertSite.

AlertSite UXM
AlertSite 1.0

AlertSite UXM

  • Select Alert > Alert Recipients from the top menu.

  • Click + New Recipient.

  • From the Mode drop-down list, select either SNMP trap (snmpv1) or SNMP trap (snmpv2c), depending on the SNMP version you want to use.

  • In the Recipient field, enter the IP address of your trap listener.

  • Click Submit.

AlertSite 1.0

  • Select Notifiers > Notifiers from the top menu.

  • Click Add Notifier.

  • From the Send a(n) drop-down list, select either SNMP trap (snmpv1) or SNMP trap (snmpv2c), depending on the SNMP version you want to use.

  • In the To field, enter the IP address of your trap listener.

  • Click Submit.

SNMP Alert Example

Here is an example of an SNMP alert:

1.3.6.1.4.1.20431.1.1.3
4
Home Page
1.3.6.1.4.1.20431.1.1.6
4
5
1.3.6.1.4.1.20431.1.1.10
4
HTTP/1.1 200 OK
1.3.6.1.4.1.20431.1.1.2
4
C12345
1.3.6.1.4.1.20431.1.1.8
4
Keyword verification error within returned page
1.3.6.1.4.1.20431.1.1.1
4
SmartBear
1.3.6.1.4.1.20431.1.1.4
4
65897
1.3.6.1.4.1.20431.1.1.7
4
1
1.3.6.1.4.1.20431.1.1.5
4
2015-06-03 04:39:54

The packet consists of multiple sets of 3 lines in this order:

  • Message ID (for example, 1.3.6.1.4.1.20431.1.1.3) – see the table below.

  • Message type (for example, 4).

  • Message value.

The sets themselves can be in random order. You should parse the packet by message ID.

Message ID Description Sample Value
1.3.6.1.4.1.20434.1.1.1 Company name. SmartBear
1.3.6.1.4.1.20434.1.1.2 Customer ID. C12345
1.3.6.1.4.1.20434.1.1.3 Monitor name. LuciernaBank
1.3.6.1.4.1.20434.1.1.4 Monitor ID. 65897
1.3.6.1.4.1.20434.1.1.5 Date and time of alert. 2015-06-03 04:39:54
1.3.6.1.4.1.20434.1.1.6 AlertSite status code. 5
1.3.6.1.4.1.20434.1.1.7 Number of consecutive errors. 3
1.3.6.1.4.1.20434.1.1.8 Description of the AlertSite status code. Keyword verification error within returned page
1.3.6.1.4.1.20434.1.1.9 Optional. The name of the failed step in multi-step monitors. Login
1.3.6.1.4.1.20434.1.1.10 Optional. HTTP response status. HTTP/1.1 200 OK

Create SNMP Traps From POST Alerts

SNMP uses UDP as its transport protocol, which can be unreliable across public networks. A more reliable solution is to send alerts via a POST request to your web server, and then send the trap through your local network.

The body of POST requests will include alert data as field=value pairs, for example:

source=AlertSite&custid=C00000&company=Boca+Internet+Technologies&device_id=
0000&device_name=Test+Notification+Device&device_type=Web+Site&device_typeco
de=w&errcount=0&http_status=HTTP/1.1+200+OK&location=Fort+Lauderdale,
+Florida&location_num=10&status=0&status_text=Site+responded+normally+to+all
+tests.&timestamp=2015/05/19+12:47:19&transaction=0

Or, with line breaks added for readability:

source=AlertSite
custid=C00000
company=Boca+Internet+Technologies
device_id=0000
device_name=Test+Notification+Device
device_type=Web+Site
device_typecode=w
errcount=0
http_status=HTTP/1.1+200+OK
location=Fort+Lauderdale,+Florida
location_num=10
status=0
status_text=Site+responded+normally+to+all+tests.
timestamp=2015/05/19+12:47:19
transaction=0

Most web servers and programming languages (PHP, ASP.NET, Perl, and so on) have built-in functions to parse POST data. For example, in Perl CGI scripts the key line is:

$in = $cgi->parse_form_data();

This automatically makes all the AlertSite POST fields available to the program, for example:

  • $in->{status} is the test status,

  • $in->{errcount} is the number of consecutive errors,

  • and so on.

From there you can create and send SNMP traps traps.

Here is a sample Perl CGI script that converts POST alerts into local SNMP traps.

Perl

#!/usr/bin/perl
############ SET YOUR SITE CONSTANTS HERE #############
BEGIN
{
  ##### Destination for your SNMP trap #####
  use constant SNMP_HOST => '111.111.11.111';
  ##### Versions are 'snmpv1' or 'snmpv2c' #####
  use constant SNMP_VERSION => 'snmpv1';
}
#######################################################
use Net::SNMP;
use CGI::Lite;
use strict;
my ($cgi, $in);

# get the posted data
$cgi = new CGI::Lite;
$in = $cgi->parse_form_data();
print "Content­type: text/html\n\n";
print "<html><body>\n";
handle_snmp_trap($in);
print "</body></html>\n";
exit;

sub handle_snmp_trap
{
  if ($in->{source} eq 'AlertSite')
  {
    my (@oids, $session, $error, $result);

    # Setup SNMP message into @oids
    @oids = ();
    push @oids,('1.3.6.1.4.1.20434.1.1.1', OCTET_STRING, $in->{company});
    push @oids,('1.3.6.1.4.1.20434.1.1.2', OCTET_STRING, $in->{custid});
    push @oids,('1.3.6.1.4.1.20434.1.1.3', OCTET_STRING, $in->{device_name});
    push @oids,('1.3.6.1.4.1.20434.1.1.4', OCTET_STRING, $in->{device_id});
    push @oids,('1.3.6.1.4.1.20434.1.1.5', OCTET_STRING, $in->{timestamp});
    push @oids,('1.3.6.1.4.1.20434.1.1.6', OCTET_STRING, $in->{status});
    push @oids,('1.3.6.1.4.1.20434.1.1.7', OCTET_STRING, $in->{errcount});
    push @oids,('1.3.6.1.4.1.20434.1.1.8', OCTET_STRING, $in->{status_text});
    if ($in->{step_name})
    {
      push @oids,('1.3.6.1.4.1.20434.1.1.9', OCTET_STRING, $in->{step_name});
    }
    if ($in->{http_status})
    {
      push @oids,('1.3.6.1.4.1.20434.1.1.10', OCTET_STRING, $in->{http_status});
    }

    # Open SNMP session
    ($session, $error) = Net::SNMP->session
                         (
                          hostname => SNMP_HOST,
                          community => 'public',
                          port => 162,
                          version => SNMP_VERSION
                         );

    # Check for error
    if (!defined($session))
    {
      print "Error ($error) creating SNMP object.\n";
      return;
    }
    $session->debug(0xff); # Enable SNMP debugging
 
    # Send the trap using correct version
    if (SNMP_VERSION eq 'snmpv2c')
    {
      # Add required time and trap ID to the beginning of oid list
      unshift @oids,('1.3.6.1.6.3.1.1.4.1.0', OBJECT_IDENTIFIER, '1.3.6.1.4.1.20434.1.2.0.1');
      unshift @oids,('1.3.6.1.2.1.1.3.0', TIMETICKS, 999);
      $result = $session->snmpv2_trap(varbindlist => \@oids);
    }
    else
    {
      $result = $session->trap(enterprise => '1.3.6.1.4.1.20434.1.2',
                               generictrap => 6,
                               specifictrap => 1,
                               varbindlist => \@oids);
    }
    # Check for error
    if (!defined($result))
    {
      print "SNMP trap failed (" . $session->error() .")\n";
    }
    # Close the session
    $session->close;
  }
  else
  {
    print "Error -- invalid or missing POST data\n";
  }
  return;
}

See Also

Alert Delivery Methods
AlertSite MIB

Highlight search results