logstash-integration-snmp 4.0.0-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/CHANGELOG.md +23 -0
- data/CONTRIBUTORS +20 -0
- data/Gemfile +11 -0
- data/LICENSE +202 -0
- data/README.md +89 -0
- data/VERSION +1 -0
- data/docs/index.asciidoc +202 -0
- data/docs/input-snmp.asciidoc +524 -0
- data/docs/input-snmptrap.asciidoc +392 -0
- data/lib/logstash/inputs/snmp.rb +369 -0
- data/lib/logstash/inputs/snmptrap.rb +190 -0
- data/lib/logstash/plugin_mixins/snmp/common.rb +197 -0
- data/lib/logstash-integration-snmp_jars.rb +6 -0
- data/lib/mibs/ietf/ACCOUNTING-CONTROL-MIB.dic +1316 -0
- data/lib/mibs/ietf/ADSL-LINE-EXT-MIB.dic +1724 -0
- data/lib/mibs/ietf/ADSL-LINE-MIB.dic +7297 -0
- data/lib/mibs/ietf/ADSL-TC-MIB.dic +160 -0
- data/lib/mibs/ietf/ADSL2-LINE-MIB.dic +8663 -0
- data/lib/mibs/ietf/ADSL2-LINE-TC-MIB.dic +1462 -0
- data/lib/mibs/ietf/AGENTX-MIB.dic +817 -0
- data/lib/mibs/ietf/AGGREGATE-MIB.dic +708 -0
- data/lib/mibs/ietf/ALARM-MIB.dic +1734 -0
- data/lib/mibs/ietf/APM-MIB.dic +2870 -0
- data/lib/mibs/ietf/APPC-MIB.dic +8687 -0
- data/lib/mibs/ietf/APPLETALK-MIB.dic +4399 -0
- data/lib/mibs/ietf/APPLICATION-MIB.dic +3750 -0
- data/lib/mibs/ietf/APPN-DLUR-MIB.dic +972 -0
- data/lib/mibs/ietf/APPN-MIB.dic +9364 -0
- data/lib/mibs/ietf/APPN-TRAP-MIB.dic +664 -0
- data/lib/mibs/ietf/APS-MIB.dic +2430 -0
- data/lib/mibs/ietf/ARC-MIB.dic +552 -0
- data/lib/mibs/ietf/ATM-ACCOUNTING-INFORMATION-MIB.dic +816 -0
- data/lib/mibs/ietf/ATM-MIB.dic +4104 -0
- data/lib/mibs/ietf/ATM-TC-MIB.dic +914 -0
- data/lib/mibs/ietf/ATM2-MIB.dic +4715 -0
- data/lib/mibs/ietf/BFD-STD-MIB.dic +2367 -0
- data/lib/mibs/ietf/BFD-TC-STD-MIB.dic +202 -0
- data/lib/mibs/ietf/BGP4-MIB.dic +1931 -0
- data/lib/mibs/ietf/BLDG-HVAC-MIB.dic +812 -0
- data/lib/mibs/ietf/BRIDGE-MIB.dic +2257 -0
- data/lib/mibs/ietf/CAPWAP-BASE-MIB.dic +4128 -0
- data/lib/mibs/ietf/CAPWAP-DOT11-MIB.dic +482 -0
- data/lib/mibs/ietf/CHARACTER-MIB.dic +1140 -0
- data/lib/mibs/ietf/CIRCUIT-IF-MIB.dic +493 -0
- data/lib/mibs/ietf/CLNS-MIB.dic +1702 -0
- data/lib/mibs/ietf/COFFEE-POT-MIB.dic +282 -0
- data/lib/mibs/ietf/COPS-CLIENT-MIB.dic +1270 -0
- data/lib/mibs/ietf/DECNET-PHIV-MIB.dic +5837 -0
- data/lib/mibs/ietf/DIAL-CONTROL-MIB.dic +2139 -0
- data/lib/mibs/ietf/DIFFSERV-CONFIG-MIB.dic +378 -0
- data/lib/mibs/ietf/DIFFSERV-MIB.dic +5073 -0
- data/lib/mibs/ietf/DIRECTORY-SERVER-MIB.dic +1041 -0
- data/lib/mibs/ietf/DISMAN-EVENT-MIB.dic +3151 -0
- data/lib/mibs/ietf/DISMAN-EXPRESSION-MIB.dic +1716 -0
- data/lib/mibs/ietf/DISMAN-NSLOOKUP-MIB.dic +698 -0
- data/lib/mibs/ietf/DISMAN-PING-MIB.dic +2635 -0
- data/lib/mibs/ietf/DISMAN-SCHEDULE-MIB.dic +1744 -0
- data/lib/mibs/ietf/DISMAN-SCRIPT-MIB.dic +2820 -0
- data/lib/mibs/ietf/DISMAN-TRACEROUTE-MIB.dic +3239 -0
- data/lib/mibs/ietf/DLSW-MIB.dic +5635 -0
- data/lib/mibs/ietf/DNS-RESOLVER-MIB.dic +1765 -0
- data/lib/mibs/ietf/DNS-SERVER-MIB.dic +1593 -0
- data/lib/mibs/ietf/DOCS-BPI-MIB.dic +2634 -0
- data/lib/mibs/ietf/DOCS-CABLE-DEVICE-MIB.dic +5042 -0
- data/lib/mibs/ietf/DOCS-IETF-BPI2-MIB.dic +5478 -0
- data/lib/mibs/ietf/DOCS-IETF-CABLE-DEVICE-NOTIFICATION-MIB.dic +2447 -0
- data/lib/mibs/ietf/DOCS-IETF-QOS-MIB.dic +4886 -0
- data/lib/mibs/ietf/DOCS-IETF-SUBMGT-MIB.dic +1331 -0
- data/lib/mibs/ietf/DOCS-IF-MIB.dic +7980 -0
- data/lib/mibs/ietf/DOT12-IF-MIB.dic +1066 -0
- data/lib/mibs/ietf/DOT12-RPTR-MIB.dic +2669 -0
- data/lib/mibs/ietf/DOT3-EPON-MIB.dic +3297 -0
- data/lib/mibs/ietf/DOT3-OAM-MIB.dic +2830 -0
- data/lib/mibs/ietf/DS0-MIB.dic +466 -0
- data/lib/mibs/ietf/DS0BUNDLE-MIB.dic +468 -0
- data/lib/mibs/ietf/DS1-MIB.dic +4890 -0
- data/lib/mibs/ietf/DS3-MIB.dic +2719 -0
- data/lib/mibs/ietf/DSA-MIB.dic +888 -0
- data/lib/mibs/ietf/DSMON-MIB.dic +6177 -0
- data/lib/mibs/ietf/DVB-RCS-MIB.dic +5764 -0
- data/lib/mibs/ietf/EBN-MIB.dic +1026 -0
- data/lib/mibs/ietf/EFM-CU-MIB.dic +4335 -0
- data/lib/mibs/ietf/ENTITY-MIB.dic +2235 -0
- data/lib/mibs/ietf/ENTITY-SENSOR-MIB.dic +653 -0
- data/lib/mibs/ietf/ENTITY-STATE-MIB.dic +457 -0
- data/lib/mibs/ietf/ENTITY-STATE-TC-MIB.dic +260 -0
- data/lib/mibs/ietf/ETHER-CHIPSET-MIB.dic +787 -0
- data/lib/mibs/ietf/EtherLike-MIB.dic +2548 -0
- data/lib/mibs/ietf/FC-MGMT-MIB.dic +3465 -0
- data/lib/mibs/ietf/FCIP-MGMT-MIB.dic +1596 -0
- data/lib/mibs/ietf/FDDI-SMT73-MIB.dic +3378 -0
- data/lib/mibs/ietf/FIBRE-CHANNEL-FE-MIB.dic +2504 -0
- data/lib/mibs/ietf/FLOAT-TC-MIB.dic +128 -0
- data/lib/mibs/ietf/FLOW-METER-MIB.dic +3201 -0
- data/lib/mibs/ietf/FORCES-MIB.dic +598 -0
- data/lib/mibs/ietf/FR-ATM-PVC-SERVICE-IWF-MIB.dic +1601 -0
- data/lib/mibs/ietf/FR-MFR-MIB.dic +1351 -0
- data/lib/mibs/ietf/FRAME-RELAY-DTE-MIB.dic +1688 -0
- data/lib/mibs/ietf/FRNETSERV-MIB.dic +3940 -0
- data/lib/mibs/ietf/FRSLD-MIB.dic +2580 -0
- data/lib/mibs/ietf/Finisher-MIB.dic +1416 -0
- data/lib/mibs/ietf/GMPLS-LABEL-STD-MIB.dic +965 -0
- data/lib/mibs/ietf/GMPLS-LSR-STD-MIB.dic +693 -0
- data/lib/mibs/ietf/GMPLS-TC-STD-MIB.dic +180 -0
- data/lib/mibs/ietf/GMPLS-TE-STD-MIB.dic +2542 -0
- data/lib/mibs/ietf/GSMP-MIB.dic +2468 -0
- data/lib/mibs/ietf/HC-ALARM-MIB.dic +1050 -0
- data/lib/mibs/ietf/HC-PerfHist-TC-MIB.dic +310 -0
- data/lib/mibs/ietf/HC-RMON-MIB.dic +4456 -0
- data/lib/mibs/ietf/HDSL2-SHDSL-LINE-MIB.dic +3955 -0
- data/lib/mibs/ietf/HOST-RESOURCES-MIB.dic +2453 -0
- data/lib/mibs/ietf/HPR-IP-MIB.dic +640 -0
- data/lib/mibs/ietf/HPR-MIB.dic +1959 -0
- data/lib/mibs/ietf/IANA-ITU-ALARM-TC-MIB.dic +936 -0
- data/lib/mibs/ietf/IF-CAP-STACK-MIB.dic +356 -0
- data/lib/mibs/ietf/IF-INVERTED-STACK-MIB.dic +220 -0
- data/lib/mibs/ietf/IF-MIB.dic +2753 -0
- data/lib/mibs/ietf/IFCP-MGMT-MIB.dic +1717 -0
- data/lib/mibs/ietf/IGMP-STD-MIB.dic +809 -0
- data/lib/mibs/ietf/INET-ADDRESS-MIB.dic +570 -0
- data/lib/mibs/ietf/INTEGRATED-SERVICES-GUARANTEED-MIB.dic +319 -0
- data/lib/mibs/ietf/INTEGRATED-SERVICES-MIB.dic +1196 -0
- data/lib/mibs/ietf/INTERFACETOPN-MIB.dic +1705 -0
- data/lib/mibs/ietf/IP-FORWARD-MIB.dic +1853 -0
- data/lib/mibs/ietf/IP-MIB.dic +7064 -0
- data/lib/mibs/ietf/IPATM-IPMC-MIB.dic +4830 -0
- data/lib/mibs/ietf/IPFIX-MIB.dic +2334 -0
- data/lib/mibs/ietf/IPFIX-SELECTOR-MIB.dic +215 -0
- data/lib/mibs/ietf/IPMCAST-MIB.dic +3390 -0
- data/lib/mibs/ietf/IPMROUTE-STD-MIB.dic +1246 -0
- data/lib/mibs/ietf/IPOA-MIB.dic +2372 -0
- data/lib/mibs/ietf/IPS-AUTH-MIB.dic +1609 -0
- data/lib/mibs/ietf/IPSEC-SPD-MIB.dic +3989 -0
- data/lib/mibs/ietf/IPV6-FLOW-LABEL-MIB.dic +110 -0
- data/lib/mibs/ietf/IPV6-ICMP-MIB.dic +748 -0
- data/lib/mibs/ietf/IPV6-MIB.dic +2028 -0
- data/lib/mibs/ietf/IPV6-MLD-MIB.dic +659 -0
- data/lib/mibs/ietf/IPV6-TCP-MIB.dic +332 -0
- data/lib/mibs/ietf/IPV6-UDP-MIB.dic +209 -0
- data/lib/mibs/ietf/ISCSI-MIB.dic +4613 -0
- data/lib/mibs/ietf/ISDN-MIB.dic +1796 -0
- data/lib/mibs/ietf/ISIS-MIB.dic +6215 -0
- data/lib/mibs/ietf/ISNS-MIB.dic +6578 -0
- data/lib/mibs/ietf/ITU-ALARM-MIB.dic +665 -0
- data/lib/mibs/ietf/ITU-ALARM-TC-MIB.dic +137 -0
- data/lib/mibs/ietf/Job-Monitoring-MIB.dic +2519 -0
- data/lib/mibs/ietf/L2TP-MIB.dic +4050 -0
- data/lib/mibs/ietf/LANGTAG-TC-MIB.dic +104 -0
- data/lib/mibs/ietf/LISP-MIB.dic +4067 -0
- data/lib/mibs/ietf/LMP-MIB.dic +5166 -0
- data/lib/mibs/ietf/MALLOC-MIB.dic +2156 -0
- data/lib/mibs/ietf/MAU-MIB.dic +2619 -0
- data/lib/mibs/ietf/MIDCOM-MIB.dic +2856 -0
- data/lib/mibs/ietf/MIOX25-MIB.dic +828 -0
- data/lib/mibs/ietf/MIP-MIB.dic +3473 -0
- data/lib/mibs/ietf/MOBILEIPV6-MIB.dic +5228 -0
- data/lib/mibs/ietf/MPLS-FTN-STD-MIB.dic +1594 -0
- data/lib/mibs/ietf/MPLS-L3VPN-STD-MIB.dic +2548 -0
- data/lib/mibs/ietf/MPLS-LC-ATM-STD-MIB.dic +491 -0
- data/lib/mibs/ietf/MPLS-LC-FR-STD-MIB.dic +395 -0
- data/lib/mibs/ietf/MPLS-LDP-ATM-STD-MIB.dic +1019 -0
- data/lib/mibs/ietf/MPLS-LDP-FRAME-RELAY-STD-MIB.dic +862 -0
- data/lib/mibs/ietf/MPLS-LDP-GENERIC-STD-MIB.dic +445 -0
- data/lib/mibs/ietf/MPLS-LDP-STD-MIB.dic +3657 -0
- data/lib/mibs/ietf/MPLS-LSR-STD-MIB.dic +3103 -0
- data/lib/mibs/ietf/MPLS-TC-STD-MIB.dic +911 -0
- data/lib/mibs/ietf/MPLS-TE-STD-MIB.dic +3673 -0
- data/lib/mibs/ietf/MSDP-MIB.dic +1893 -0
- data/lib/mibs/ietf/MTA-MIB.dic +1898 -0
- data/lib/mibs/ietf/Modem-MIB.dic +2054 -0
- data/lib/mibs/ietf/NAT-MIB.dic +3866 -0
- data/lib/mibs/ietf/NETWORK-SERVICES-MIB.dic +1034 -0
- data/lib/mibs/ietf/NHDP-MIB.dic +3005 -0
- data/lib/mibs/ietf/NHRP-MIB.dic +3660 -0
- data/lib/mibs/ietf/NOTIFICATION-LOG-MIB.dic +1156 -0
- data/lib/mibs/ietf/NTPv4-MIB.dic +1535 -0
- data/lib/mibs/ietf/OPT-IF-MIB.dic +8972 -0
- data/lib/mibs/ietf/OSPF-MIB.dic +5963 -0
- data/lib/mibs/ietf/OSPF-TRAP-MIB.dic +1190 -0
- data/lib/mibs/ietf/OSPFV3-MIB.dic +5708 -0
- data/lib/mibs/ietf/P-BRIDGE-MIB.dic +1499 -0
- data/lib/mibs/ietf/PARALLEL-MIB.dic +476 -0
- data/lib/mibs/ietf/PIM-MIB.dic +1393 -0
- data/lib/mibs/ietf/PIM-STD-MIB.dic +6819 -0
- data/lib/mibs/ietf/PINT-MIB.dic +830 -0
- data/lib/mibs/ietf/PKTC-IETF-MTA-MIB.dic +3191 -0
- data/lib/mibs/ietf/PKTC-IETF-SIG-MIB.dic +4713 -0
- data/lib/mibs/ietf/PMIPV6-MIB.dic +3010 -0
- data/lib/mibs/ietf/PMIPV6-TC-MIB.dic +293 -0
- data/lib/mibs/ietf/POLICY-BASED-MANAGEMENT-MIB.dic +3316 -0
- data/lib/mibs/ietf/POWER-ETHERNET-MIB.dic +959 -0
- data/lib/mibs/ietf/PPP-BRIDGE-NCP-MIB.dic +587 -0
- data/lib/mibs/ietf/PPP-IP-NCP-MIB.dic +269 -0
- data/lib/mibs/ietf/PPP-LCP-MIB.dic +994 -0
- data/lib/mibs/ietf/PPP-SEC-MIB.dic +411 -0
- data/lib/mibs/ietf/PSAMP-MIB.dic +998 -0
- data/lib/mibs/ietf/PTOPO-MIB.dic +1135 -0
- data/lib/mibs/ietf/PW-ATM-MIB.dic +1642 -0
- data/lib/mibs/ietf/PW-CEP-STD-MIB.dic +3661 -0
- data/lib/mibs/ietf/PW-STD-MIB.dic +3592 -0
- data/lib/mibs/ietf/PW-TC-STD-MIB.dic +437 -0
- data/lib/mibs/ietf/PW-TDM-MIB.dic +1896 -0
- data/lib/mibs/ietf/PerfHist-TC-MIB.dic +152 -0
- data/lib/mibs/ietf/Printer-MIB.dic +6665 -0
- data/lib/mibs/ietf/Q-BRIDGE-MIB.dic +3115 -0
- data/lib/mibs/ietf/RADIUS-ACC-CLIENT-MIB.dic +991 -0
- data/lib/mibs/ietf/RADIUS-ACC-SERVER-MIB.dic +1183 -0
- data/lib/mibs/ietf/RADIUS-AUTH-CLIENT-MIB.dic +1073 -0
- data/lib/mibs/ietf/RADIUS-AUTH-SERVER-MIB.dic +1251 -0
- data/lib/mibs/ietf/RADIUS-DYNAUTH-CLIENT-MIB.dic +1116 -0
- data/lib/mibs/ietf/RADIUS-DYNAUTH-SERVER-MIB.dic +1003 -0
- data/lib/mibs/ietf/RAQMON-MIB.dic +2695 -0
- data/lib/mibs/ietf/RBRIDGE-MIB.dic +2981 -0
- data/lib/mibs/ietf/RDBMS-MIB.dic +1935 -0
- data/lib/mibs/ietf/RFC1065-SMI.dic +108 -0
- data/lib/mibs/ietf/RFC1155-SMI.dic +118 -0
- data/lib/mibs/ietf/RFC1158-MIB.dic +2440 -0
- data/lib/mibs/ietf/RFC1213-MIB.dic +3434 -0
- data/lib/mibs/ietf/RFC1269-MIB.dic +557 -0
- data/lib/mibs/ietf/RFC1271-MIB.dic +4135 -0
- data/lib/mibs/ietf/RFC1285-MIB.dic +2842 -0
- data/lib/mibs/ietf/RFC1316-MIB.dic +800 -0
- data/lib/mibs/ietf/RFC1381-MIB.dic +1347 -0
- data/lib/mibs/ietf/RFC1382-MIB.dic +3820 -0
- data/lib/mibs/ietf/RFC1414-MIB.dic +214 -0
- data/lib/mibs/ietf/RIPv2-MIB.dic +773 -0
- data/lib/mibs/ietf/RMON-MIB.dic +5551 -0
- data/lib/mibs/ietf/RMON2-MIB.dic +8224 -0
- data/lib/mibs/ietf/ROHC-MIB.dic +1613 -0
- data/lib/mibs/ietf/ROHC-RTP-MIB.dic +859 -0
- data/lib/mibs/ietf/ROHC-UNCOMPRESSED-MIB.dic +267 -0
- data/lib/mibs/ietf/RPKI-ROUTER-MIB.dic +1363 -0
- data/lib/mibs/ietf/RS-232-MIB.dic +1335 -0
- data/lib/mibs/ietf/RSERPOOL-MIB.dic +2501 -0
- data/lib/mibs/ietf/RSTP-MIB.dic +427 -0
- data/lib/mibs/ietf/RSVP-MIB.dic +4135 -0
- data/lib/mibs/ietf/RTP-MIB.dic +1376 -0
- data/lib/mibs/ietf/SCSI-MIB.dic +3804 -0
- data/lib/mibs/ietf/SCTP-MIB.dic +1924 -0
- data/lib/mibs/ietf/SFLOW-MIB.dic +568 -0
- data/lib/mibs/ietf/SIP-COMMON-MIB.dic +2769 -0
- data/lib/mibs/ietf/SIP-MIB.dic +1438 -0
- data/lib/mibs/ietf/SIP-SERVER-MIB.dic +1150 -0
- data/lib/mibs/ietf/SIP-TC-MIB.dic +257 -0
- data/lib/mibs/ietf/SIP-UA-MIB.dic +268 -0
- data/lib/mibs/ietf/SLAPM-MIB.dic +4527 -0
- data/lib/mibs/ietf/SMON-MIB.dic +1758 -0
- data/lib/mibs/ietf/SNA-NAU-MIB.dic +4042 -0
- data/lib/mibs/ietf/SNA-SDLC-MIB.dic +3858 -0
- data/lib/mibs/ietf/SNMP-COMMUNITY-MIB.dic +715 -0
- data/lib/mibs/ietf/SNMP-FRAMEWORK-MIB.dic +709 -0
- data/lib/mibs/ietf/SNMP-MPD-MIB.dic +230 -0
- data/lib/mibs/ietf/SNMP-NOTIFICATION-MIB.dic +859 -0
- data/lib/mibs/ietf/SNMP-PROXY-MIB.dic +414 -0
- data/lib/mibs/ietf/SNMP-REPEATER-MIB.dic +4335 -0
- data/lib/mibs/ietf/SNMP-SSH-TM-MIB.dic +447 -0
- data/lib/mibs/ietf/SNMP-TARGET-MIB.dic +924 -0
- data/lib/mibs/ietf/SNMP-TLS-TM-MIB.dic +1449 -0
- data/lib/mibs/ietf/SNMP-TSM-MIB.dic +315 -0
- data/lib/mibs/ietf/SNMP-USER-BASED-SM-MIB.dic +1164 -0
- data/lib/mibs/ietf/SNMP-USM-AES-MIB.dic +95 -0
- data/lib/mibs/ietf/SNMP-USM-DH-OBJECTS-MIB.dic +653 -0
- data/lib/mibs/ietf/SNMP-VIEW-BASED-ACM-MIB.dic +1202 -0
- data/lib/mibs/ietf/SNMPv2-MIB.dic +1382 -0
- data/lib/mibs/ietf/SNMPv2-SMI.dic +223 -0
- data/lib/mibs/ietf/SNMPv2-USEC-MIB.dic +405 -0
- data/lib/mibs/ietf/SONET-MIB.dic +3308 -0
- data/lib/mibs/ietf/SOURCE-ROUTING-MIB.dic +542 -0
- data/lib/mibs/ietf/SSPM-MIB.dic +1530 -0
- data/lib/mibs/ietf/SYSAPPL-MIB.dic +2092 -0
- data/lib/mibs/ietf/T11-FC-FABRIC-ADDR-MGR-MIB.dic +1779 -0
- data/lib/mibs/ietf/T11-FC-FABRIC-CONFIG-SERVER-MIB.dic +2822 -0
- data/lib/mibs/ietf/T11-FC-FABRIC-LOCK-MIB.dic +700 -0
- data/lib/mibs/ietf/T11-FC-FSPF-MIB.dic +1889 -0
- data/lib/mibs/ietf/T11-FC-NAME-SERVER-MIB.dic +1775 -0
- data/lib/mibs/ietf/T11-FC-ROUTE-MIB.dic +655 -0
- data/lib/mibs/ietf/T11-FC-RSCN-MIB.dic +1110 -0
- data/lib/mibs/ietf/T11-FC-VIRTUAL-FABRIC-MIB.dic +770 -0
- data/lib/mibs/ietf/T11-FC-ZONE-SERVER-MIB.dic +3886 -0
- data/lib/mibs/ietf/T11-TC-MIB.dic +110 -0
- data/lib/mibs/ietf/TCP-ESTATS-MIB.dic +3926 -0
- data/lib/mibs/ietf/TCP-MIB.dic +1319 -0
- data/lib/mibs/ietf/TCPIPX-MIB.dic +457 -0
- data/lib/mibs/ietf/TE-LINK-STD-MIB.dic +2876 -0
- data/lib/mibs/ietf/TE-MIB.dic +2924 -0
- data/lib/mibs/ietf/TED-MIB.dic +1749 -0
- data/lib/mibs/ietf/TIME-AGGREGATE-MIB.dic +550 -0
- data/lib/mibs/ietf/TN3270E-MIB.dic +2785 -0
- data/lib/mibs/ietf/TN3270E-RT-MIB.dic +1317 -0
- data/lib/mibs/ietf/TOKEN-RING-RMON-MIB.dic +2820 -0
- data/lib/mibs/ietf/TOKENRING-MIB.dic +1184 -0
- data/lib/mibs/ietf/TOKENRING-STATION-SR-MIB.dic +292 -0
- data/lib/mibs/ietf/TRANSPORT-ADDRESS-MIB.dic +610 -0
- data/lib/mibs/ietf/TRIP-MIB.dic +3159 -0
- data/lib/mibs/ietf/TRIP-TC-MIB.dic +241 -0
- data/lib/mibs/ietf/TUNNEL-MIB.dic +1095 -0
- data/lib/mibs/ietf/UDP-MIB.dic +751 -0
- data/lib/mibs/ietf/UDPLITE-MIB.dic +704 -0
- data/lib/mibs/ietf/UPS-MIB.dic +3088 -0
- data/lib/mibs/ietf/URI-TC-MIB.dic +193 -0
- data/lib/mibs/ietf/UUID-TC-MIB.dic +135 -0
- data/lib/mibs/ietf/VDSL-LINE-EXT-MCM-MIB.dic +989 -0
- data/lib/mibs/ietf/VDSL-LINE-EXT-SCM-MIB.dic +605 -0
- data/lib/mibs/ietf/VDSL-LINE-MIB.dic +4518 -0
- data/lib/mibs/ietf/VDSL2-LINE-MIB.dic +11029 -0
- data/lib/mibs/ietf/VDSL2-LINE-TC-MIB.dic +3152 -0
- data/lib/mibs/ietf/VPN-TC-STD-MIB.dic +121 -0
- data/lib/mibs/ietf/VRRP-MIB.dic +1163 -0
- data/lib/mibs/ietf/VRRPV3-MIB.dic +1403 -0
- data/lib/mibs/ietf/WWW-MIB.dic +1810 -0
- data/lib/mibs/logstash/iso.dic +18 -0
- data/logstash-integration-snmp.gemspec +40 -0
- data/spec/fixtures/RFC1213-MIB.dic +3445 -0
- data/spec/fixtures/collision.dic +25 -0
- data/spec/integration/inputs/snmp_spec.rb +443 -0
- data/spec/integration/inputs/snmptrap_spec.rb +383 -0
- data/spec/unit/inputs/common_spec.rb +264 -0
- data/spec/unit/inputs/snmp_spec.rb +510 -0
- data/spec/unit/inputs/snmptrap_spec.rb +141 -0
- data/vendor/jar-dependencies/org/logstash/integrations/plugin/4.0.0/plugin-4.0.0.jar +0 -0
- data/vendor/jar-dependencies/org/snakeyaml/snakeyaml-engine/2.7/snakeyaml-engine-2.7.jar +0 -0
- data/vendor/jar-dependencies/org/snmp4j/snmp4j/3.8.0/snmp4j-3.8.0.jar +0 -0
- metadata +523 -0
@@ -0,0 +1,369 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
require 'logstash/inputs/base'
|
3
|
+
require 'logstash/namespace'
|
4
|
+
require 'stud/interval'
|
5
|
+
require 'set'
|
6
|
+
|
7
|
+
require 'logstash-integration-snmp_jars'
|
8
|
+
require 'logstash/plugin_mixins/ecs_compatibility_support'
|
9
|
+
require 'logstash/plugin_mixins/ecs_compatibility_support/target_check'
|
10
|
+
require 'logstash/plugin_mixins/event_support/event_factory_adapter'
|
11
|
+
require 'logstash/plugin_mixins/validator_support/field_reference_validation_adapter'
|
12
|
+
require 'logstash/plugin_mixins/snmp/common'
|
13
|
+
|
14
|
+
# The SNMP input plugin polls network devices using Simple Network Management Protocol (SNMP)
|
15
|
+
# to gather information related to the current state of the devices operation.
|
16
|
+
class LogStash::Inputs::Snmp < LogStash::Inputs::Base
|
17
|
+
|
18
|
+
java_import 'org.logstash.snmp.SnmpClient'
|
19
|
+
java_import 'org.logstash.snmp.SnmpClientRequestAggregator'
|
20
|
+
java_import 'org.snmp4j.smi.OID'
|
21
|
+
|
22
|
+
include LogStash::PluginMixins::ECSCompatibilitySupport(:disabled, :v1, :v8 => :v1)
|
23
|
+
|
24
|
+
include LogStash::PluginMixins::ECSCompatibilitySupport::TargetCheck
|
25
|
+
|
26
|
+
include LogStash::PluginMixins::EventSupport::EventFactoryAdapter
|
27
|
+
|
28
|
+
extend LogStash::PluginMixins::ValidatorSupport::FieldReferenceValidationAdapter
|
29
|
+
|
30
|
+
include LogStash::PluginMixins::Snmp::Common
|
31
|
+
|
32
|
+
config_name "snmp"
|
33
|
+
|
34
|
+
# List of OIDs for which we want to retrieve the scalar value
|
35
|
+
config :get, :validate => :array # ["1.3.6.1.2.1.1.1.0"]
|
36
|
+
|
37
|
+
# List of OIDs for which we want to retrieve the subtree of information
|
38
|
+
config :walk, :validate => :array # ["1.3.6.1.2.1.1.1.0"]
|
39
|
+
|
40
|
+
# List of tables to walk
|
41
|
+
config :tables, :validate => :array # [ {"name" => "interfaces" "columns" => ["1.3.6.1.2.1.2.2.1.1", "1.3.6.1.2.1.2.2.1.2", "1.3.6.1.2.1.2.2.1.5"]} ]
|
42
|
+
|
43
|
+
# List of hosts to query the configured `get` and `walk` options.
|
44
|
+
#
|
45
|
+
# Each host definition is a hash and must define the `host` key and value.
|
46
|
+
# `host` must use the format {tcp|udp}:{ip address}/{port}
|
47
|
+
# for example `host => "udp:127.0.0.1/161"`
|
48
|
+
# Each host definition can optionally include the following keys and values:
|
49
|
+
# `community` with a default value of `public`
|
50
|
+
# `version` `1`, `2c` or `3` with a default value of `2c`
|
51
|
+
# `retries` with a default value of `2`
|
52
|
+
# `timeout` in milliseconds with a default value of `1000`
|
53
|
+
config :hosts, :validate => :array # [ {"host" => "udp:127.0.0.1/161", "community" => "public"} ]
|
54
|
+
|
55
|
+
# Set polling interval in seconds
|
56
|
+
#
|
57
|
+
# The default, `30`, means poll each host every 30 seconds.
|
58
|
+
config :interval, :validate => :number, :default => 30
|
59
|
+
|
60
|
+
# The optional SNMPv3 engine's administratively-unique identifier.
|
61
|
+
# Its length must be greater or equal than 5 and less or equal than 32.
|
62
|
+
config :local_engine_id, :validate => :string
|
63
|
+
|
64
|
+
# Number of threads to use for concurrently executing the hosts SNMP requests.
|
65
|
+
config :threads, :validate => :number, :required => true, :default => ::LogStash::Config::CpuCoreStrategy.maximum
|
66
|
+
|
67
|
+
# Timeout in milliseconds to execute all hosts configured operations (get, walk, table).
|
68
|
+
config :poll_hosts_timeout, :validate => :number
|
69
|
+
|
70
|
+
def initialize(params={})
|
71
|
+
super(params)
|
72
|
+
|
73
|
+
@host_protocol_field = ecs_select[disabled: '[@metadata][host_protocol]', v1: '[@metadata][input][snmp][host][protocol]']
|
74
|
+
@host_address_field = ecs_select[disabled: '[@metadata][host_address]', v1: '[@metadata][input][snmp][host][address]']
|
75
|
+
@host_port_field = ecs_select[disabled: '[@metadata][host_port]', v1: '[@metadata][input][snmp][host][port]']
|
76
|
+
@host_community_field = ecs_select[disabled: '[@metadata][host_community]', v1: '[@metadata][input][snmp][host][community]']
|
77
|
+
|
78
|
+
# Add the default "host" field to the event, for backwards compatibility, or host.ip in ecs mode
|
79
|
+
unless params.key?('add_field')
|
80
|
+
host_ip_field = ecs_select[disabled: "host", v1: "[host][ip]"]
|
81
|
+
@add_field = { host_ip_field => "%{#{@host_address_field}}" }
|
82
|
+
end
|
83
|
+
end
|
84
|
+
|
85
|
+
def register
|
86
|
+
validate_config!
|
87
|
+
|
88
|
+
mib_manager = build_mib_manager!
|
89
|
+
|
90
|
+
# setup client definitions per provided host
|
91
|
+
@client_definitions = []
|
92
|
+
supported_transports = Set.new
|
93
|
+
hosts_versions = Set.new
|
94
|
+
|
95
|
+
@hosts.each do |host|
|
96
|
+
host_name = host['host']
|
97
|
+
version = host['version'] || '2c'
|
98
|
+
|
99
|
+
unless version =~ VERSION_REGEX
|
100
|
+
raise(LogStash::ConfigurationError, "only protocol version '1', '2c' and '3' are supported for host option '#{host_name}'")
|
101
|
+
end
|
102
|
+
|
103
|
+
host_details = host_name.match(HOST_REGEX)
|
104
|
+
raise(LogStash::ConfigurationError, "invalid format for host option '#{host_name}'") unless host_details
|
105
|
+
|
106
|
+
unless host_details[:host_protocol].to_s =~ /^(?:udp|tcp)$/i
|
107
|
+
raise(LogStash::ConfigurationError, "only udp & tcp protocols are supported for host option '#{host_name}'")
|
108
|
+
end
|
109
|
+
|
110
|
+
host_protocol = host_details[:host_protocol]
|
111
|
+
definition = {
|
112
|
+
:get => Array(get),
|
113
|
+
:walk => Array(walk),
|
114
|
+
|
115
|
+
:host => host_name,
|
116
|
+
:host_address => host_details[:host_address],
|
117
|
+
:host_protocol => host_protocol,
|
118
|
+
:host_port => host_details[:host_port],
|
119
|
+
:host_community => host['community'] || 'public',
|
120
|
+
|
121
|
+
:retries => host['retries'] || 2,
|
122
|
+
:timeout => host['timeout'] || 1000,
|
123
|
+
:version => version,
|
124
|
+
|
125
|
+
:security_name => @security_name,
|
126
|
+
:security_level => @security_level,
|
127
|
+
}
|
128
|
+
|
129
|
+
supported_transports << host_protocol
|
130
|
+
hosts_versions << version
|
131
|
+
@client_definitions << definition
|
132
|
+
end
|
133
|
+
|
134
|
+
@client = build_client!(mib_manager, supported_transports, hosts_versions)
|
135
|
+
@request_aggregator = create_request_aggregator
|
136
|
+
end
|
137
|
+
|
138
|
+
def run(queue)
|
139
|
+
# Put the client into the listen mode, so it can send requests and receive responses
|
140
|
+
@client.listen
|
141
|
+
|
142
|
+
# Single threaded poller which sleeps off the remaining interval between each run.
|
143
|
+
# Each run polls all the defined hosts for the get, table and walk options.
|
144
|
+
stoppable_interval_runner.every(@interval, 'polling hosts') do
|
145
|
+
poll_clients(queue)
|
146
|
+
end
|
147
|
+
end
|
148
|
+
|
149
|
+
def poll_clients(queue)
|
150
|
+
max_host_timeout = 0
|
151
|
+
in_flight_requests = []
|
152
|
+
|
153
|
+
@client_definitions.each do |definition|
|
154
|
+
target = @client.create_target(
|
155
|
+
definition[:host],
|
156
|
+
definition[:version],
|
157
|
+
definition[:retries],
|
158
|
+
definition[:timeout],
|
159
|
+
definition[:host_community],
|
160
|
+
definition[:security_name],
|
161
|
+
definition[:security_level]
|
162
|
+
)
|
163
|
+
|
164
|
+
request = @request_aggregator.create_request(@client)
|
165
|
+
in_flight_requests << { request: request, definition: definition }
|
166
|
+
|
167
|
+
if definition[:get].any?
|
168
|
+
request.get(target, definition[:get].map { |oid| OID.new(oid) })
|
169
|
+
end
|
170
|
+
|
171
|
+
definition[:walk]&.each do |oid|
|
172
|
+
request.walk(target, OID.new(oid))
|
173
|
+
end
|
174
|
+
|
175
|
+
@tables&.each do |table_entry|
|
176
|
+
oids = table_entry['columns'].map { |oid| OID.new(oid) }
|
177
|
+
request.table(target, table_entry['name'], oids)
|
178
|
+
end
|
179
|
+
|
180
|
+
max_host_timeout = definition[:timeout] if definition[:timeout] > max_host_timeout
|
181
|
+
end
|
182
|
+
|
183
|
+
in_flight_requests.each do |req|
|
184
|
+
definition = req[:definition]
|
185
|
+
result_consumer = lambda do |result|
|
186
|
+
if result&.any?
|
187
|
+
event = targeted_event_factory.new_event(result)
|
188
|
+
event.set(@host_protocol_field, definition[:host_protocol])
|
189
|
+
event.set(@host_address_field, definition[:host_address])
|
190
|
+
event.set(@host_port_field, definition[:host_port])
|
191
|
+
event.set(@host_community_field, definition[:host_community])
|
192
|
+
decorate(event)
|
193
|
+
queue << event
|
194
|
+
else
|
195
|
+
logger.debug? && logger.debug('No SNMP data retrieved', host: definition[:host_address])
|
196
|
+
end
|
197
|
+
end
|
198
|
+
|
199
|
+
req[:request].get_result_async(result_consumer)
|
200
|
+
end
|
201
|
+
|
202
|
+
begin
|
203
|
+
# blocks until all requests are complete
|
204
|
+
@request_aggregator.await(in_flight_requests.map { |p| p[:request] }, poll_hosts_timeout(max_host_timeout))
|
205
|
+
rescue java.util.concurrent.TimeoutException => _
|
206
|
+
logger.error("Timed out while waiting for SNMP requests to finish. Consider increasing `poll_hosts_timeout` if the number of hosts is large")
|
207
|
+
end
|
208
|
+
end
|
209
|
+
|
210
|
+
def poll_hosts_timeout(max_host_timeout)
|
211
|
+
return @poll_hosts_timeout if @poll_hosts_timeout
|
212
|
+
|
213
|
+
# this timeout should be a safe-guard and it should never wait for that long.
|
214
|
+
# It might reach this point if there are several hosts operations, the hosts
|
215
|
+
# are unreachable/unhealthy, and/or the configured host timeout is too high.
|
216
|
+
in_flight_timeout = 1000 * 60 * 60 # 1 hour
|
217
|
+
in_flight_timeout = max_host_timeout if max_host_timeout > in_flight_timeout
|
218
|
+
in_flight_timeout = @interval if @interval > in_flight_timeout
|
219
|
+
|
220
|
+
in_flight_timeout
|
221
|
+
end
|
222
|
+
|
223
|
+
def stoppable_interval_runner
|
224
|
+
StoppableIntervalRunner.new(self)
|
225
|
+
end
|
226
|
+
|
227
|
+
def close
|
228
|
+
# keep this close order (aggregator, client), so the request_aggregator can gracefully shutdown
|
229
|
+
begin
|
230
|
+
@request_aggregator.close unless @request_aggregator.nil?
|
231
|
+
rescue => e
|
232
|
+
logger.warn('Error closing SNMP client request aggregator. Ignoring', :exception => e)
|
233
|
+
end
|
234
|
+
|
235
|
+
begin
|
236
|
+
@client.close unless @client.nil?
|
237
|
+
rescue => e
|
238
|
+
logger.warn('Error closing SNMP client. Ignoring', :exception => e)
|
239
|
+
end
|
240
|
+
end
|
241
|
+
|
242
|
+
private
|
243
|
+
|
244
|
+
OID_REGEX = /^\.?([0-9\.]+)$/
|
245
|
+
HOST_REGEX = /^(?<host_protocol>\w+):(?<host_address>.+)\/(?<host_port>\d+)$/i
|
246
|
+
VERSION_REGEX = /^1|2c|3$/
|
247
|
+
|
248
|
+
def validate_config!
|
249
|
+
validate_oids!
|
250
|
+
validate_hosts!
|
251
|
+
validate_tables!
|
252
|
+
validate_local_engine_id!
|
253
|
+
end
|
254
|
+
|
255
|
+
def validate_oids!
|
256
|
+
@get = Array(@get).map do |oid|
|
257
|
+
# verify oids for valid pattern and get rid or any leading dot if present
|
258
|
+
unless oid =~ OID_REGEX
|
259
|
+
raise(LogStash::ConfigurationError, "The get option oid '#{oid}' has an invalid format")
|
260
|
+
end
|
261
|
+
$1
|
262
|
+
end
|
263
|
+
|
264
|
+
@walk = Array(@walk).map do |oid|
|
265
|
+
# verify oids for valid pattern and get rid or any leading dot if present
|
266
|
+
unless oid =~ OID_REGEX
|
267
|
+
raise(LogStash::ConfigurationError, "The walk option oid '#{oid}' has an invalid format")
|
268
|
+
end
|
269
|
+
$1
|
270
|
+
end
|
271
|
+
|
272
|
+
if !@tables.nil?
|
273
|
+
@tables.each do |table_entry|
|
274
|
+
# Verify oids for valid pattern and get rid of any leading dot if present
|
275
|
+
columns = table_entry["columns"]
|
276
|
+
columns.each do |column|
|
277
|
+
unless column =~ OID_REGEX
|
278
|
+
raise(Logstash::ConfigurationError, "The table column oid '#{column}' is an invalid format")
|
279
|
+
end
|
280
|
+
end
|
281
|
+
$1
|
282
|
+
end
|
283
|
+
end
|
284
|
+
|
285
|
+
raise(LogStash::ConfigurationError, "at least one get OID, one walk OID, or one table OID is required") if @get.empty? && @walk.empty? && @tables.nil?
|
286
|
+
end
|
287
|
+
|
288
|
+
def validate_hosts!
|
289
|
+
# TODO: for new we only validate the host part, not the other optional options
|
290
|
+
|
291
|
+
raise(LogStash::ConfigurationError, "at least one host definition is required") if Array(@hosts).empty?
|
292
|
+
|
293
|
+
@hosts.each do |host|
|
294
|
+
raise(LogStash::ConfigurationError, "each host definition must have a \"host\" option") if !host.is_a?(Hash) || host["host"].nil?
|
295
|
+
end
|
296
|
+
end
|
297
|
+
|
298
|
+
def validate_tables!
|
299
|
+
if !@tables.nil?
|
300
|
+
@tables.each do |table_entry|
|
301
|
+
raise(LogStash::ConfigurationError, "each table definition must have a \"name\" option") if !table_entry.is_a?(Hash) || table_entry["name"].nil?
|
302
|
+
end
|
303
|
+
end
|
304
|
+
end
|
305
|
+
|
306
|
+
def validate_local_engine_id!
|
307
|
+
return if @local_engine_id.nil?
|
308
|
+
|
309
|
+
if @local_engine_id.length < 5
|
310
|
+
raise(LogStash::ConfigurationError, '`local_engine_id` length must be greater or equal than 5')
|
311
|
+
end
|
312
|
+
|
313
|
+
if @local_engine_id.length > 32
|
314
|
+
raise(LogStash::ConfigurationError, '`local_engine_id` length must be lower or equal than 32')
|
315
|
+
end
|
316
|
+
end
|
317
|
+
|
318
|
+
def create_request_aggregator
|
319
|
+
SnmpClientRequestAggregator.new(@threads, 'SnmpRequestWorker')
|
320
|
+
end
|
321
|
+
|
322
|
+
def build_client!(mib_manager, supported_transports, hosts_versions)
|
323
|
+
client_builder = org.logstash.snmp.SnmpClient.builder(mib_manager, supported_transports)
|
324
|
+
client_builder.setLocalEngineId(@local_engine_id) unless @local_engine_id.nil?
|
325
|
+
|
326
|
+
build_snmp_client!(client_builder, validate_usm_user: hosts_versions.include?('3'))
|
327
|
+
end
|
328
|
+
|
329
|
+
##
|
330
|
+
# The StoppableIntervalRunner is capable of running a block of code at a
|
331
|
+
# repeating interval, while respecting the stop condition of the plugin.
|
332
|
+
class StoppableIntervalRunner
|
333
|
+
##
|
334
|
+
# @param plugin [#logger,#stop?]
|
335
|
+
def initialize(plugin)
|
336
|
+
@plugin = plugin
|
337
|
+
end
|
338
|
+
|
339
|
+
##
|
340
|
+
# Runs the provided block repeatedly using the provided interval.
|
341
|
+
# After executing the block, the remainder of the interval if any is slept off
|
342
|
+
# using an interruptible sleep.
|
343
|
+
# If no time remains, a warning is emitted to the logs.
|
344
|
+
#
|
345
|
+
# @param interval_seconds [Integer,Float]
|
346
|
+
# @param desc [String] (default: "operation"): a description to use when logging
|
347
|
+
# @yield
|
348
|
+
def every(interval_seconds, desc="operation", &block)
|
349
|
+
until @plugin.stop?
|
350
|
+
start_time = Time.now
|
351
|
+
|
352
|
+
yield
|
353
|
+
|
354
|
+
duration_seconds = Time.now - start_time
|
355
|
+
if duration_seconds >= interval_seconds
|
356
|
+
@plugin.logger.warn("#{desc} took longer than the configured interval", :interval_seconds => interval_seconds, :duration_seconds => duration_seconds.round(3))
|
357
|
+
else
|
358
|
+
remaining_interval = interval_seconds - duration_seconds
|
359
|
+
sleep(remaining_interval)
|
360
|
+
end
|
361
|
+
end
|
362
|
+
end
|
363
|
+
|
364
|
+
# @api private
|
365
|
+
def sleep(duration)
|
366
|
+
Stud.stoppable_sleep(duration) { @plugin.stop? }
|
367
|
+
end
|
368
|
+
end
|
369
|
+
end
|
@@ -0,0 +1,190 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
require 'logstash/inputs/base'
|
3
|
+
require 'logstash/namespace'
|
4
|
+
require 'set'
|
5
|
+
|
6
|
+
require 'logstash-integration-snmp_jars'
|
7
|
+
require 'logstash/plugin_mixins/ecs_compatibility_support'
|
8
|
+
require 'logstash/plugin_mixins/ecs_compatibility_support/target_check'
|
9
|
+
require 'logstash/plugin_mixins/event_support/event_factory_adapter'
|
10
|
+
require 'logstash/plugin_mixins/validator_support/field_reference_validation_adapter'
|
11
|
+
require 'logstash/plugin_mixins/normalize_config_support'
|
12
|
+
require 'logstash/plugin_mixins/snmp/common'
|
13
|
+
|
14
|
+
# Read snmp trap messages as events
|
15
|
+
#
|
16
|
+
# Resulting `@message` looks like :
|
17
|
+
# [source,json]
|
18
|
+
# {"error_index":0,"variable_bindings":{"1.3.6.1.6.3.1.1.4.1.0":"value"},"error_status":0,"type":"TRAP","error_status_text":"Success","version":"3","request_id":145014487}
|
19
|
+
#
|
20
|
+
class LogStash::Inputs::Snmptrap < LogStash::Inputs::Base
|
21
|
+
|
22
|
+
java_import 'org.logstash.snmp.SnmpClient'
|
23
|
+
|
24
|
+
include LogStash::PluginMixins::ECSCompatibilitySupport(:disabled, :v1, :v8 => :v1)
|
25
|
+
|
26
|
+
include LogStash::PluginMixins::ECSCompatibilitySupport::TargetCheck
|
27
|
+
|
28
|
+
include LogStash::PluginMixins::EventSupport::EventFactoryAdapter
|
29
|
+
|
30
|
+
extend LogStash::PluginMixins::ValidatorSupport::FieldReferenceValidationAdapter
|
31
|
+
|
32
|
+
include LogStash::PluginMixins::NormalizeConfigSupport
|
33
|
+
|
34
|
+
include LogStash::PluginMixins::Snmp::Common
|
35
|
+
|
36
|
+
config_name 'snmptrap'
|
37
|
+
|
38
|
+
# The address to listen on
|
39
|
+
config :host, :validate => :string, :required => true, :default => '0.0.0.0'
|
40
|
+
|
41
|
+
# The port to listen on. Remember that ports less than 1024 (privileged
|
42
|
+
# ports) may require root to use. hence the default of 1062.
|
43
|
+
config :port, :validate => :number, :required => true, :default => 1062
|
44
|
+
|
45
|
+
# The supported transport protocols to listen on.
|
46
|
+
config :supported_transports, :validate => %w[tcp udp], :default => %w[udp], :required => true, :list => true
|
47
|
+
|
48
|
+
# The supported SNMP versions to listen on
|
49
|
+
config :supported_versions, :validate => %w[1 2c 3], default: %w[1 2c], :required => true, :list => true
|
50
|
+
|
51
|
+
# SNMP Community String to listen for.
|
52
|
+
config :community, :validate => :array, :default => 'public'
|
53
|
+
|
54
|
+
# directory of YAML MIB maps (same format ruby-snmp uses)
|
55
|
+
config :yamlmibdir, :validate => :string, :deprecated => "Use `mib_paths` instead."
|
56
|
+
|
57
|
+
# Number of threads to use for processing the received SNMP messages.
|
58
|
+
# By default, SNMP4J uses a single listener thread, which delegates all received data
|
59
|
+
# to the message dispatcher. This setting, configures the number of threads to be used
|
60
|
+
# by the message dispatcher, so it won't block the listener thread.
|
61
|
+
config :threads, :validate => :number, :required => true, :default => ::LogStash::Config::CpuCoreStrategy.seventy_five_percent
|
62
|
+
|
63
|
+
# These MIBs were automatically added by ruby-snmp when no @yamlmibdir was provided.
|
64
|
+
MIB_DEFAULT_PATHS = [
|
65
|
+
::File.join(MIB_BASE_PATH, 'ietf', 'SNMPv2-SMI.dic'),
|
66
|
+
::File.join(MIB_BASE_PATH, 'ietf', 'SNMPv2-MIB.dic'),
|
67
|
+
::File.join(MIB_BASE_PATH, 'ietf', 'IF-MIB.dic'),
|
68
|
+
::File.join(MIB_BASE_PATH, 'ietf', 'IP-MIB.dic'),
|
69
|
+
::File.join(MIB_BASE_PATH, 'ietf', 'TCP-MIB.dic'),
|
70
|
+
::File.join(MIB_BASE_PATH, 'ietf', 'UDP-MIB.dic')
|
71
|
+
].map { |path| ::File.expand_path(path) }
|
72
|
+
|
73
|
+
def initialize(params = {})
|
74
|
+
super(params)
|
75
|
+
|
76
|
+
setup_deprecated_params!
|
77
|
+
@host_ip_field = ecs_select[disabled: 'host', v1: '[host][ip]']
|
78
|
+
end
|
79
|
+
|
80
|
+
def register
|
81
|
+
validate_config!
|
82
|
+
mib_manager = build_mib_manager!
|
83
|
+
|
84
|
+
if !@mib_paths && !@use_provided_mibs
|
85
|
+
logger.info("Using default MIB paths #{MIB_DEFAULT_PATHS}")
|
86
|
+
MIB_DEFAULT_PATHS.each do |path|
|
87
|
+
mib_manager.add(path)
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
@client = build_client!(mib_manager)
|
92
|
+
end
|
93
|
+
|
94
|
+
def run(output_queue)
|
95
|
+
begin
|
96
|
+
trap_message_consumer = lambda { |trap| consume_trap_message(output_queue, trap) }
|
97
|
+
@client.trap(@community, trap_message_consumer)
|
98
|
+
rescue => e
|
99
|
+
@logger.warn('SNMP Trap listener died', format_log_data(e))
|
100
|
+
Stud.stoppable_sleep(5) { stop? }
|
101
|
+
retry if !stop?
|
102
|
+
end
|
103
|
+
end
|
104
|
+
|
105
|
+
def stop
|
106
|
+
begin
|
107
|
+
@client.close unless @client.nil?
|
108
|
+
rescue => e
|
109
|
+
logger.warn('Error closing SNMP client. Ignoring', format_log_data(e))
|
110
|
+
end
|
111
|
+
end
|
112
|
+
|
113
|
+
def client_listening?
|
114
|
+
@client.isListening()
|
115
|
+
end
|
116
|
+
|
117
|
+
private
|
118
|
+
|
119
|
+
def validate_config!
|
120
|
+
if !@security_name.nil? && !@supported_versions.include?('3')
|
121
|
+
raise(LogStash::ConfigurationError, "Using a `security_name` requires `supported_versions` to include version '3': #{@supported_versions}")
|
122
|
+
end
|
123
|
+
end
|
124
|
+
|
125
|
+
def build_client!(mib_manager)
|
126
|
+
client_builder = org.logstash.snmp.SnmpClient
|
127
|
+
.builder(mib_manager, @supported_transports.to_set, @port)
|
128
|
+
.setHost(@host)
|
129
|
+
.setSupportedVersions(@supported_versions.to_set)
|
130
|
+
.setMessageDispatcherPoolName('SnmpTrapMessageDispatcherWorker')
|
131
|
+
.setMessageDispatcherPoolSize(@threads)
|
132
|
+
|
133
|
+
build_snmp_client!(client_builder, validate_usm_user: @supported_versions.include?('3'))
|
134
|
+
end
|
135
|
+
|
136
|
+
def consume_trap_message(output_queue, trap_message)
|
137
|
+
begin
|
138
|
+
output_queue << process_trap_message(trap_message)
|
139
|
+
rescue => e
|
140
|
+
extra_data = { :trap_event => format_trap_message(trap_message) } if trap_message rescue {}
|
141
|
+
@logger.error('Failed to create event', format_log_data(e, extra_data))
|
142
|
+
end
|
143
|
+
end
|
144
|
+
|
145
|
+
def process_trap_message(trap_message)
|
146
|
+
data = Hash.new
|
147
|
+
|
148
|
+
trap_message.getFormattedVariableBindings.each do |name, value|
|
149
|
+
data[name] = value
|
150
|
+
end
|
151
|
+
|
152
|
+
event = targeted_event_factory.new_event(data)
|
153
|
+
event.set(@host_ip_field, trap_message.getPeerIpAddress)
|
154
|
+
event.set('message', format_trap_message(trap_message))
|
155
|
+
|
156
|
+
add_metadata_fields(event, trap_message.getTrapEvent)
|
157
|
+
decorate(event)
|
158
|
+
|
159
|
+
event
|
160
|
+
end
|
161
|
+
|
162
|
+
def format_trap_message(trap_message)
|
163
|
+
trap_event = trap_message.getTrapEvent.to_hash
|
164
|
+
trap_event['variable_bindings'] = trap_event['variable_bindings'].to_hash
|
165
|
+
LogStash::Json.dump(trap_event)
|
166
|
+
end
|
167
|
+
|
168
|
+
def add_metadata_fields(event, trap_event)
|
169
|
+
trap_event.each do |name, value|
|
170
|
+
event.set("[@metadata][input][snmptrap][pdu][#{name}]", value) if value
|
171
|
+
end
|
172
|
+
end
|
173
|
+
|
174
|
+
def setup_deprecated_params!
|
175
|
+
@mib_paths = normalize_config(:mib_paths) do |normalize|
|
176
|
+
normalize.with_deprecated_mapping(:yamlmibdir) do |yamlmibdir|
|
177
|
+
[yamlmibdir]
|
178
|
+
end
|
179
|
+
end
|
180
|
+
end
|
181
|
+
|
182
|
+
def format_log_data(exception, extra_data = {})
|
183
|
+
data = {}
|
184
|
+
data[:exception] = exception.class
|
185
|
+
data[:message] = exception.message
|
186
|
+
data[:backtrace] = exception.backtrace if logger.debug?
|
187
|
+
data.merge!(extra_data)
|
188
|
+
data
|
189
|
+
end
|
190
|
+
end
|