背景:用户希望 F5 禁止发送指定 SNMP Trap 告警,本文以禁止发送 pool 成员状态监测 down 告警为例进行配置,以 TcpDump 工具进行抓包验证。禁用其他 SNMP Trap 告警也可参考本文章进行实现。
一、未禁用 pool member down Trap告警🌳
1、在 F5 上模拟 pool member down 向 SNMP 服务器发出告警。
logger -p local0.notice "01070638:5: Pool /Common/pool_one member /Common/192.168.10.1:80 monitor status down."
2、在F5上抓包查看是否发送告警
抓包命令:tcpdump -nni 0.0:nnnp -s0 -vvv host 192.168.10.84 and port 162
14:27:08.642228 IP (tos 0x0, ttl 64, id 43540, offset 0, flags [DF], proto UDP (17), length 278)
192.168.10.84.65221 > 192.168.10.223.162: [udp sum ok] { SNMPv2c C="Ad123min" { V2Trap(231) R=722473879 .1.3.6.1.2.1.1.3.0=295208617 .1.3.6.1.6.3.1.1.4.1.0=.1.3.6.1.4.1.3375.2.4.0.10 .1.3.6.1.4.1.3375.2.4.1.1="Pool /Common/pool_one member /Common/192.168.10.1:80 monitor status down." .1.3.6.1.4.1.3375.2.4.1.2="/Common/192.168.10.1" .1.3.6.1.4.1.3375.2.4.1.3="80" .1.3.6.1.6.3.1.1.4.3.0=.1.3.6.1.4.1.3375.2.4 } } in slot1/tmm0 lis= flowtype=0 flowid=0 peerid=0 conflags=0 inslot=0 inport=0 haunit=0 priority=0 peerremote=00000000:00000000:00000000:00000000 peerlocal=00000000:00000000:00000000:00000000 remoteport=0 localport=0 proto=0 vlan=0
3、在 SNMP 服务器查看是否收到告警
抓包命令:tcpdump -i ens192 host 192.168.10.84 and port 162
14:24:49.509918 IP 192.168.10.84.46185 > compute.snmptrap: C="Ad123min" V2Trap(83) system.sysUpTime.0=4364560 S:1.1.4.1.0=E:3375.2.4.0.3 S:1.1.4.3.0=E:3375.2.4
14:24:52.031740 IP 192.168.10.84.65221 > compute.snmptrap: C="Ad123min" V2Trap(231) system.sysUpTime.0=295208617 S:1.1.4.1.0=E:3375.2.4.0.10 E:3375.2.4.1.1="Pool /Common/pool_one member /Common/192.168.10.1:80 monitor status down." E:3375.2.4.1.2="/Common/192.168.10.1" E:3375.2.4.1.3="80" S:1.1.4.3.0=E:3375.2.4
二、配置禁用 pool member down Trap 告警🌿
1、查找 pool member down Trap 告警配置
查找/etc/alertd/alert.conf
文件中 pool member down Trap 告警相关配置
alert BIGIP_MCPD_MCPDERR_POOL_MEMBER_MON_STATUS {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.10"
}
2、备份配置
备份 /config/user_alert.conf
文件
cp /config/user_alert.conf /config/user_alert_backup.conf
3、编辑配置文件
编辑配置文件/config/user_alert.conf
,粘贴第一步中要禁用的内容,在OID行首添加#
注释。
alert BIGIP_MCPD_MCPDERR_POOL_MEMBER_MON_STATUS {
# snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.10"
}
重要提示:仅注释掉 snmptrap OID= 条目,以防止发送关联的陷阱。如果注释掉整个节,则仍将发送陷阱。
4、重新启动alertd
进程
bigstart restart alertd
三、验证配置🌱
验证过程如第一章所示,模拟告警进行验证,此处省略。
四、附录🌾
您可以使用以下命令语法在 /var/log/ltm 文件中生成日志消息并触发警报电子邮件:
logger -p local0.notice ""
示例:
logger -p local0.notice "010d0001:0: Cpu 1: temperature (80) is too high."
logger -p local0.notice "010d0002:2: Cpu 1: fan speed (0) is too low."
logger -p local0.notice "010c0019:5: Active."
logger -p local0.notice "010c0018:5: Standby."
logger -p local0.notice "01070638:5: Pool /Common/pool_one member /Common/192.168.10.1:80 monitor status down."
logger -p local0.notice "01070727:5: Pool /Common/pool_one member /Common/192.168.10.1:80 monitor status up."
五、参考文档🍂
感谢以下文档提供的帮助!!!
https://support.f5.com/csp/article/K77406702
https://support.f5.com/csp/article/K11234
请问 这是什么程序源码啊