Camel route SNMP Trap route - No response for V3 traps - apache-camel

I am new to Camel and am trying to create an SNMP Camel route:
from("snmp:0.0.0.0:162?protocol=udp&type=TRAP&securityName="
+ new OctetString("MD5DES")+"&snmpVersion="+SnmpConstants.version3+"&securityLevel="
+SecurityLevel.AUTH_PRIV+"&authenticationPassphrase="+snmpuser +
"privacyPassphrase=" + snmppass
+ "&authenticationProtocol=MD5&privacyProtocol=DES").log("{body}");
Once the route is started, I can send an SNMP trap with the snmptrap command for versions V1 and V2 without getting any auth error, and the traps are received in the code and printed. But when I send a V3 trap with the snmptrap command, it shows success on the sender side, but nothing is received in the Camel code.
snmptrap -v 3 -u user -a MD5 -A password -x DES -X password -l 3 127.0.0.1 '' 1.3.6.1.4.1.8072.2.3.0.1 1.3.6.1.4.1.8072.2.3.2.1 i 12335
Appreciate any help.

Related

How to configure engine ID to send SNMP trap V3 using SNMP4J?

I'm using snmp4j 2.8.4 and Java 1.8
It works when I use the command line to send traps. For example:
snmptrapd.conf
authCommunity log,execute,net public
createUser -e 0x8000000001020304 myuser MD5 mypassword DES mypassword1
authUser log,execute,net myuser noauth
The command is
snmptrap -e 0x8000000001020304 -v 3 -u myuser -a MD5 -A myjjpassword -x DES -X myjjpassword1 -l noAuthNoPriv 192.168.135.18:162 "" 1.3.6.1.4.1.48183 1.3.6.1.4.1.48183.1 s "smartmon"
It was ok at this point, but when I used SNMP4J, I didn't know if my engine ID was not set up correctly, which caused the trap failure or some other reason
USM usm = new USM(SecurityProtocols.getInstance(), localEngineID, 0);
SecurityModels.getInstance().addSecurityModel(usm);
usm.updateUser(new UsmUserEntry(new OctetString("myuser"),
new OctetString("0x8000000001020304".getBytes()), new UsmUser(new OctetString("myuser"),
null,
null,
null,
null)));
snmp = new Snmp(transport);
snmp.setLocalEngine(new OctetString("0x8000000001020304".getBytes()).getValue(),0,0);
snmp.getMessageDispatcher().addMessageProcessingModel(new MPv3(usm));
transport.listen();
Could you tell me where I have a problem in my settings? How should I set the Engine ID? Thank you very much for your answers.
OctetString uses a different string representation than NET-SNMP does. Thus, you need to specify your engine ID as:
OctetString.fromString("8000000001020304", 16);

Unable to submit Job in Flink using post request via curl request (Request did not match...)

I was trying to send a POST request to the Flink Job Manager running on a Kubernetes cluster. Sending a POST request to /jar/run for a class which doesn't need any command line arguments works fine. But trying to submit a different class in the same jar, which requires command line arguments, gives the following error:
{"errors":["Request did not match expected format JarRunRequestBody."]}'
However, passing the command line arguments and submitting the job directly, as follows, works:
./flink run -m localhost:30287 -c com.class.name ~/path/to/jar/1.0-1.0-SNAPSHOT.jar --bootstrap.servers izac-cp-kafka:9092 --group.id test --topic bank_transaction --schema.registry http://mysr-schema-registry:8081 --CepJson """{\"keyId\": \"customer_id\",\"pattern\": [{\"patternName\": \"p1\",\"simpleCondition\":{\"columnName\": \"amount\",\"operator\": \">\",\"value\": \"50\",\"dataType\": \"Int\"}},{\"patternName\":\"p2\",\"simpleCondition\":{\"columnName\":\"amount\",\"operator\":\">\",\"value\":\"30\",\"dataType\":\"Int\"}}],\"connector\":[{\"name\":\"begin\",\"connectorType\":\"next\",\"start\":\"p1\",\"end\":\"p2\"}]}"""
To convert the above command to a Flink REST-based POST request I did the following:
curl -k -v -X POST -H "Content-Type: application/json" --data '{ "entryClass":"com.class.name", "programArgsList": [ "--bootstrap.servers izac-cp-kafka:9092", "--group.id test", "--topic bank_transaction", "--schema.registry http://mysr-schema-registry:8081", "--CepJson """{\"keyId\": \"customer_id\",\"pattern\": [{\"patternName\": \"p1\",\"simpleCondition\":{\"columnName\": \"amount\",\"operator\": \">\",\"value\": \"50\",\"dataType\": \"Int\"}},{\"patternName\":\"p2\",\"simpleCondition\":{\"columnName\":\"amount\",\"operator\":\">\",\"value\":\"30\",\"dataType\":\"Int\"}}],\"connector\":[{\"name\":\"begin\",\"connectorType\":\"next\",\"start\":\"p1\",\"end\":\"p2\"}]}""""]}' http://localhost:30287/jars/2a788e33-c92d-47c4-84af-31e3dff28666_1.0-1.0-SNAPSHOT.jar/run
However, this gave the error as mentioned earlier. I just wanted to convert the above command line job submission to a rest api based submission to flink cluster.
Note: The POST request is for a Flink cluster which already contains the required jar. I only want to submit a job using a particular class.
I don't think that curl accepts """ as a string interpolation the way scala does so it won't send correct CepJson parameter for sure, so I would start with changing that.
I changed the above curl request to the following and it worked:
curl -k -v -X POST -H "Content-Type: application/json" --data '{ "entryClass":"com.class.name", "programArgsList": [ "--bootstrap.servers", "izac-cp-kafka:9092", "--group.id"," test", "--topic","bank_transaction", "--schema.registry", "http://mysr-schema-registry:8081", "--CepJson", "{\"keyId\": \"customer_id\",\"pattern\": [{\"patternName\": \"p1\",\"simpleCondition\":{\"columnName\": \"amount\",\"operator\": \">\",\"value\": \"50\",\"dataType\": \"Int\"}},{\"patternName\":\"p2\",\"simpleCondition\":{\"columnName\":\"amount\",\"operator\":\">\",\"value\":\"30\",\"dataType\":\"Int\"}}],\"connector\":[{\"name\":\"begin\",\"connectorType\":\"next\",\"start\":\"p1\",\"end\":\"p2\"}]}"]}' http://localhost:30287/jars/2a788e33-c92d-47c4-84af-31e3dff28666_1.0-1.0-SNAPSHOT.jar/run
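The working request differs from the failing one in two ways: every flag and every value is its own `programArgsList` element, and the nested `--CepJson` document is an ordinary JSON string with its quotes escaped. The following added example (not from the original posts) builds such a body from shell arguments; `json_escape` and `flink_run_body` are hypothetical helper names, and the sample value is a shortened, constructed version of the one in the question.

```shell
#!/bin/sh
# Added example: build a Flink /jars/<jar-id>/run request body from argv.
# json_escape and flink_run_body are illustrative names, not Flink tooling.

# Escape a value for use inside a JSON string: backslashes first, then
# double quotes. Control characters (newlines, tabs) are NOT handled.
json_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# $1 = entry class; remaining arguments = program arguments, one token each.
flink_run_body() {
    entry=$1
    shift
    list=
    for arg in "$@"; do
        # Each token becomes exactly one array element.
        list="${list:+$list,}\"$(json_escape "$arg")\""
    done
    printf '{"entryClass":"%s","programArgsList":[%s]}' \
        "$(json_escape "$entry")" "$list"
}

# Constructed sample, shortened from the CepJson value in the question.
CEP_JSON='{"keyId": "customer_id","pattern": [{"patternName": "p1"}]}'

flink_run_body com.class.name \
    --bootstrap.servers izac-cp-kafka:9092 \
    --CepJson "$CEP_JSON"
echo
# The body can be piped to curl with: --data @- <job-manager-url>/jars/<jar-id>/run
```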

Querying Samba AD server with ldapsearch fails with ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

I'm trying to leverage my existing (fully configured and working) Samba AD DC as authentication for XWiki, and other apps.
As such, I'm first trying to do a successful ldapsearch from the XWiki server.
The following command works on the Samba server, but not on the XWiki client:
ubuntu#xwiki:~$ ldapsearch -x -LLL -E pr=200/noprompt -H ldaps://10.0.1.191/ -D "CN=Administrator,CN=Users,DC=ad,DC=nitssolutions,DC=com" -w 'SambaNovi2018' -b 'DC=ad,DC=nitssolutions,DC=com' -s sub '(sAMAccountName=*)' cn mail memberOf
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
However, if I do:
ping 10.0.1.191
I get:
ubuntu#xwiki:~$ ping 10.0.1.191
PING 10.0.1.191 (10.0.1.191) 56(84) bytes of data.
64 bytes from 10.0.1.191: icmp_seq=1 ttl=64 time=135 ms
64 bytes from 10.0.1.191: icmp_seq=2 ttl=64 time=138 ms
64 bytes from 10.0.1.191: icmp_seq=3 ttl=64 time=146 ms
^C
--- 10.0.1.191 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 135.741/140.317/146.970/4.832 ms
and if I do:
telnet 10.0.1.191 636
I'm able to connect.
EDIT: Additional information:
I added a -d 1 to the ldapsearch command line, and now I get:
ubuntu#xwiki:~$ ldapsearch -d 1 -x -LLL -E pr=200/noprompt -H ldaps://10.0.1.191/ -D "CN=Administrator,CN=Users,DC=ad,DC=nitssolutions,DC=com" -w 'SambaNovi2018' -b 'DC=ad,DC=nitssolutions,DC=com' -s sub '(sAMAccountName=*)' cn mail memberOf
ldap_url_parse_ext(ldaps://10.0.1.191/)
ldap_create
ldap_url_parse_ext(ldaps://10.0.1.191:636/??base)
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP 10.0.1.191:636
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 10.0.1.191:636
ldap_pvt_connect: fd: 3 tm: -1 async: 0
attempting to connect:
connect success
TLS: peer cert untrusted or revoked (0x42)
TLS: can't connect: (unknown error code).
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
Note, in particular, this line:
TLS: peer cert untrusted or revoked (0x42)
I'm going to try researching this error further, but as of now, I'm still stuck...
EDIT2: Still more additional information:
When I run this command, with the -d 1 parameter on the Samba server, the command works, in spite of having the:
TLS: peer cert untrusted or revoked (0x42)
in the debug output....
Continuing to dig....
Help?
And here I go, answering my own question again...sigh. I should post here more often. Helps me clearly lay out the problem, which inevitably leads to finding a solution.
Anyhow, the solution was:
I had a file, /etc/ldap/ldap.conf on my sambadc machine as well as my xwiki client machine, but the content differed.
The sambadc machine had:
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example,dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
# TLS certificates (needed for GnuTLS)
#TLS_CACERT /etc/ssl/certs/ca-certificates.crt
TLS_REQCERT allow
Which worked.
But, my xwiki machine had:
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example,dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
# TLS certificates (needed for GnuTLS)
TLS_CACERT /etc/ssl/certs/ca-certificates.crt
which failed.
When I commented out the TLS_CACERT line, and added the TLS_REQCERT line, it all started working as expected.
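`TLS_REQCERT allow` lets the session continue when the server certificate cannot be verified, which is why the simple bind started working even though the debug output still reports the peer certificate as untrusted. The added example below (not from the original post) audits an `ldap.conf` for that setting and contrasts it with a constructed config that trusts the DC's own CA instead; the helper names are hypothetical and `/etc/ldap/samba-ad-ca.pem` is an assumed path for a copy of that CA certificate.

```shell
#!/bin/sh
# Added example: report how an OpenLDAP client config treats the server
# certificate. Function names and the sample files are constructed.

# Print the last uncommented value of an ldap.conf option (option names are
# case-insensitive; assumes a later line overrides an earlier one).
ldap_conf_get() {
    awk -v key="$2" 'toupper($1) == toupper(key) { v = $2 } END { print v }' "$1"
}

# Map TLS_REQCERT to a posture; ldap.conf(5) documents demand as the default.
ldap_tls_posture() {
    level=$(ldap_conf_get "$1" TLS_REQCERT | tr 'A-Z' 'a-z')
    case ${level:-demand} in
        demand|hard) echo "verified" ;;              # bad cert ends the session
        try)         echo "verified-if-presented" ;; # missing cert is tolerated
        allow|never) echo "unverified" ;;            # bad cert is tolerated
        *)           echo "unknown" ;;
    esac
}

tmp=$(mktemp -d)

# The configuration that made the bind work on the page.
cat > "$tmp/permissive.conf" <<'EOF'
#TLS_CACERT /etc/ssl/certs/ca-certificates.crt
TLS_REQCERT allow
EOF

# Alternative: trust the DC's own CA (assumed path) and keep verification on.
cat > "$tmp/pinned.conf" <<'EOF'
TLS_CACERT /etc/ldap/samba-ad-ca.pem
TLS_REQCERT demand
EOF

for f in permissive pinned; do
    printf '%s: %s (CA file: %s)\n' "$f" \
        "$(ldap_tls_posture "$tmp/$f.conf")" \
        "$(ldap_conf_get "$tmp/$f.conf" TLS_CACERT)"
done
rm -rf "$tmp"
```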

Tortoise SVN Post-Commit Hook Windows

I'm working on a simple slack integration for SVN projects via a client side post-commit hook in Windows Tortoise SVN using curl to send JSON. I would like to post some basic information, ideally revision number and comment when a commit is made. I added a post-commit client side hook, that executes a postcommit.bat file that succeeds in sending my slack channel a message. What I can't get working is including the passed in variables from tortoise. According to tortoise a SVN client side hook post-commit will include the following argument PATH DEPTH MESSAGEFILE REVISION ERROR CWD https://tortoisesvn.net/docs/release/TortoiseSVN_en/tsvn-dug-settings.html
Here is my working code, that sends a static string (not including message/revision to my slack channel):
C:\p\curl -H "Content-Type: application/json" -X POST https://hooks.slack.com/services/MYSECRETSERVICE -d "{\"text\":\"Test message\"}"
I would like to do something like this, but the following code does not, it simply posts "RevMessage", or in other words the parameters are not properly passed:
C:\p\curl -H "Content-Type: application/json" -X POST https://hooks.slack.com/services/MYSECRETSERVICE -d "{\"text\":\"Rev%REVISION%Message%MESSAGE%\"}"
Okay, this may have been so specific (judging by view count) that I was bound to answer it myself, lol. Anyway, perhaps someone else will find this useful, here is what ended up working for me. First variables need to be set from arguments, then they can be referenced as shown:
set tsvnPath=%1
set tsvnDepth=%2
set tsvnMsgFile=%3
set /p THEMSG=<%3
set tsvnRevision=%4
set tsvnError=%5
set tsvnCwd=%6
C:\p\curl -H "Content-Type: application/json" -X POST https://hooks.slack.com/services/MYSECRET -d "{\"text\":\"MSG %THEMSG% REV %tsvnRevision%\"}"

Nagios Monitoring Hosts with check_ping

I've deployed a new instance of Nagios on a fresh install of CentOS 7 via the EPEL repository. So the Nagios Core version is 3.5.1.
After installing nagios and nagios-plugins-all (via yum), I've created a number of hosts and service definitions, have tested my configuration with nagios -v /etc/nagios/nagios.cfg, and have Nagios up and running!
Unfortunately, my host checks are failing (although my service checks are working perfectly fine).
Within the Nagios Web GUI / Dashboard, if I drill down into a Host page with the "Host State Information", I see this being reported for "Status Information" (IP address removed):
Status Information: /usr/bin/ping -n -U -w 30 -c 5 {my-host-ip-address}
CRITICAL - Could not interpret output from ping command
So in my troubleshooting, I drilled down into the Nagios Plugins directory (/usr/lib64/nagios/plugins), and ran a test with the check_ping plugin consistent with the way check-host-alive runs the command (see below for my check-host-alive command definition):
./check_ping -H {my-ip-address} -w 3000.0,80% -c 5000.0,100% -p 5
This check_ping command returns the following output:
PING OK - Packet loss = 0%, RTA = 0.63 ms|rta=0.627000ms;3000.000000;5000.000000;0.000000 pl=0%;80;100;0
I haven't changed the definition of how check_ping works, and can confirm that I'm getting a "PING OK" whenever the command is run the same way that check-host-alive runs the command, so I cannot figure out what's going on!
Below are the command definitions for check-host-alive as well as check_ping.
# 'check-host-alive' command definition
define command{
command_name check-host-alive
command_line $USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5
}
{snip}
# 'check_ping' command definition
define command{
command_name check_ping
command_line $USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5
}
Any suggestions on how I can fix my check-host-alive command definition to work properly and evaluate the output of check_ping properly?
Edit
Below is the full define host {} template I'm using:
define host {
host_name myers ; The name of this host template
alias Myers
address [redacted]
check_command check-host-alive
contact_groups admins
notifications_enabled 0 ; Host notifications are enabled
event_handler_enabled 1 ; Host event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
failure_prediction_enabled 1 ; Failure prediction is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information across program restarts
retain_nonstatus_information 1 ; Retain non-status information across program restarts
notification_period 24x7 ; Send host notifications at any time
register 1
max_check_attempts 2
}
For anyone else who runs into this issue, there's another option than changing permissions on ping. Simply change the host check command to use check_host rather than check_ping. While there are certainly some differences in the functionality, the overall end result is the same.
There are those who will say this isn't a good option because of the ability to range the check_ping command, but it should be remembered that host checks aren't even executed until all service checks for a given host have failed. Anyway, if you're interested in testing throughput, there are MUCH better ways of going about it than relying on ICMP, which is the lowest priority traffic type on a network.
I'm sure the OP is well on to other things by now, but hopefully someone else who has this issue will benefit.
I could not find ping at /usr/bin/ping
# chmod u+s /bin/ping
# ls -al /bin/ping
-rwsr-xr-x 1 root root 40760 Sep 26 2013 /bin/ping*
Finally, run the command below:
/usr/local/nagios/libexec/check_ping -H 127.0.0.1 -w 100.0,20% -c 500.0,60% -p 5
I was fairly certain that running chmod u+s /usr/bin/ping would solve the issue, but I was (and still am) wary about chmod'ing system files. It seems to me that there has to be a safer way to do it.
However, in the end, that's what I did - and it works. I don't like it, from a security standpoint.
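On the question of a safer way: ping needs a raw ICMP socket, and Linux file capabilities (`cap_net_raw`) can grant that without making the binary setuid root. The added example below (not from the original posts) classifies how a ping binary gets that privilege from its mode string and `getcap` output; `ping_priv_mode` and `audit_ping` are hypothetical helpers, and the sample inputs are constructed apart from the mode string in the `ls` output above.

```shell
#!/bin/sh
# Added example: classify how a ping binary obtains raw-socket privilege.
# ping_priv_mode and audit_ping are illustrative, not part of Nagios or iputils.

# $1 = symbolic mode as printed by ls -l
# $2 = output of `getcap <file>` (empty when no capabilities are set)
ping_priv_mode() {
    mode=$1
    capout=$2
    owner_x=$(printf '%s' "$mode" | cut -c4)   # owner execute slot: x, s, S or -
    case $owner_x in
        s) suid=yes ;;
        *) suid=no ;;
    esac
    case $capout in
        *cap_net_raw*) cap=yes ;;
        *) cap=no ;;
    esac
    if [ "$suid" = yes ]; then
        echo "setuid"         # the whole process runs with the owner's uid
    elif [ "$cap" = yes ]; then
        echo "capability"     # only the listed capabilities are granted
    else
        echo "unprivileged"   # depends on unprivileged ICMP sockets, if enabled
    fi
}

# Inspect a real binary (read-only); getcap may be missing on some systems.
audit_ping() {
    found=$(getcap "$1" 2>/dev/null || true)
    ping_priv_mode "$(ls -ld "$1" | cut -d' ' -f1)" "$found"
}

# Constructed inputs: the mode from the ls output above, then a
# capability-based install as the alternative to chmod u+s.
ping_priv_mode "-rwsr-xr-x" ""
ping_priv_mode "-rwxr-xr-x" "/usr/bin/ping = cap_net_raw+p"

# To move a binary from setuid to the capability (run as root):
#   chmod u-s /usr/bin/ping && setcap cap_net_raw+p /usr/bin/ping
```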
I also had the same problem and the above answers did not work for me. After checking the issue further, I noticed that the reason is the IP protocol. Once I passed the correct IP protocol, it worked fine.
/usr/local/nagios/libexec/check_ping -H localhost -w 3000.0,80% -c 5000.0,100% -4
output
PING OK - Packet loss = 0%, RTA = 0.05 ms|rta=0.051000ms;3000.000000;5000.000000;0.000000 pl=0%;80;100;0
By default it's getting IPv6.
/usr/local/nagios/libexec/check_ping -H localhost -w 3000.0,80% -c 5000.0,100% -6
output
/sbin/ping6 -n -U -W 30 -c 5 localhost
CRITICAL - Could not interpret output from ping command
But when integrating with the Nagios server, I was not able to pass this value as an argument. Therefore I have done the below workaround in the client-side nrpe.cfg file:
command[check_ping_args]=/usr/local/nagios/libexec/check_ping -H $ARG1$ -w $ARG2$ -c $ARG3$ -4
Here the host, warning and critical thresholds are passed by the Nagios host as below:
define service{
use generic-service
hostgroup_name all-servers
service_description Host Ping Status
check_command check_nrpe_args!check_ping_args!localhost!3000.0,80%!5000.0,100%
}
