[Nagiosplug-help] How to format send/expect strings for check_udp against SNMP managed devices?

From: <Ralph.Grothe(at)itdz-berlin.de>
Date: Tue Sep 25 2007 - 06:45:19 EDT

Hello,

I am struggling a bit with check_udp.

I wish to define a check command that can be run against a hostgroup snmp_hosts
which should serve as a kind of check_icmp or check_host for all SNMP managed
devices which have a UDP listening socket at port 161.

This check should merely verify a willing to respond snmp agent without querying any special OID(s) via e.g. check_snmp. I will assume for simplicity that only SNMPv1 is involved and that
the checking manager can authenticate by a simple community string of "public".

Since UDP checks are a bit tricky I guess the check must coax the agent into
sending a response PDU.
Because I know next to nothing about the SNMP I looked at RFC1157 to find out what the protocol requires minimally to be implemented.
I also looked at a tcpdump in wireshark from my regular SNMP check of a known device
to see that the used CPAN module adheres to the RFC.

So from what I saw in wireshark I naively tried this approach

$ check_udp -v -H sensor_r01 -p 161 -E -s "version: version-1 (0)\ncommunity: public" -e "version: version-1" Using service UDP
Port: 161
flags: 0x2
Send string: version: version-1 (0)
community: public
server_expect_count: 1

        0: version: version-1
received 26 bytes from host
#-raw-recv-------#

0
#-raw-recv-------#

looking for [version: version-1] anywhere in [0] couldn't find it
UDP WARNING - Unexpected response from host/socket: 0|time=0.022995s;;;0.000000;10.000000

Assuming that -m relates to the SNMP payload and thus only caring for the first 18 bytes of the response
also doesn't work.

$ check_udp -v -H sensor_r01 -p 161 -E -s "version: version-1 (0)\ncommunity: public" -m 18 -e "version: version-1" Using service UDP
Port: 161
flags: 0x2
Send string: version: version-1 (0)
community: public
server_expect_count: 1

        0: version: version-1
received 26 bytes from host
#-raw-recv-------#

0
#-raw-recv-------#

looking for [version: version-1] anywhere in [0] couldn't find it
UDP WARNING - Unexpected response from host/socket: 0|time=0.005487s;;;0.000000;10.000000

What do I need to change to get an OK from check_udp?

Regards

Ralph

---

This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

---

Nagiosplug-help mailing list
Nagiosplug-help@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagiosplug-help ::: Please include plugins version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null Received on Tue Sep 25 06:45:37 2007