SNMP Traps

If SNMP-capable devices in the network are configured to send traps to Horizon, these traps are transformed into events according to preconfigured rules. The Trapd service daemon, which lets Horizon receive SNMP traps, is enabled by default.

Disabling the Trapd service daemon will render Horizon incapable of receiving SNMP traps.

Event definitions are included with Horizon for traps from many vendors' equipment.

Traps Forwarded via Proxy

When SNMP traps are forwarded through a proxy using SNMPv2c or SNMPv3, preserving the original source IP address is a challenge due to the lack of an agent-addr field in the TRAP-V2 PDU used in those protocol versions. RFC 3584 defines an optional varbind snmpTrapAddress (.1.3.6.1.6.3.18.1.3.0) that can be added to forwarded traps to convey the original source IP address.

To configure Horizon to honor snmpTrapAddress when present, set use-address-from-varbind="true" in the top-level element of ${OPENNMS_HOME}/etc/trapd-configuration.xml and restart Horizon.

Configuration example for using RFC 3584 helper varbinds in forwarded traps

<trapd-configuration snmp-trap-port="1162"(1)
                     new-suspect-on-trap="false"(2)
                     use-address-from-varbind="true" />(3)

1	Set the SNMP trap daemon listening port to 1162/udp
2	Don’t create new nodes when receiving a SNMP Trap with an unknown source IP address
3	Try using the identifier source IP address from the `snmpTrapAddress` varbind instead of the UDP source IP address