fix: add debug logs for traps

Signed-off-by: Ilya Kheifets <[email protected]>
splunk · Sep 9, 2024 · 4f9c6fe · 4f9c6fe
1 parent 19e1ad3
commit 4f9c6fe
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 9 deletions.
diff --git a/charts/splunk-connect-for-snmp/templates/traps/deployment.yaml b/charts/splunk-connect-for-snmp/templates/traps/deployment.yaml
@@ -59,6 +59,8 @@ spec:
               value: "http://{{ printf "%s-%s" .Release.Name "mibserver" }}/standard.txt"
             - name: LOG_LEVEL
               value: {{ .Values.traps.logLevel | default "INFO" }}
+            - name: PYSNMP_DEBUG
+              value: {{ .Values.pysnmpDebug | default "" | quote }}
             {{- if .Values.splunk.protocol }}
             - name: SPLUNK_HEC_SCHEME
               value: {{ .Values.splunk.protocol | default "https" | quote }}

diff --git a/docker_compose/docker-compose-traps.yaml b/docker_compose/docker-compose-traps.yaml
@@ -25,6 +25,7 @@ services:
     - SPLUNK_HEC_INSECURESSL=${SPLUNK_HEC_INSECURESSL:-false}
     - SPLUNK_HEC_PATH=${SPLUNK_HEC_PATH:-/services/collector}
     - SNMP_V3_SECURITY_ENGINE_ID=${SNMP_V3_SECURITY_ENGINE_ID:-80003a8c04}
+    - PYSNMP_DEBUG=${PYSNMP_DEBUG}
     image: ${SC4SNMP_IMAGE}:${SC4SNMP_TAG:-latest}
     networks:
       - my_network

diff --git a/splunk_connect_for_snmp/snmp/manager.py b/splunk_connect_for_snmp/snmp/manager.py
@@ -87,7 +87,7 @@
     ]
 
     if enabled_debug_flags:
-        debug.setLogger(debug.Debug(*enabled_debug_flags, loggerName=logger))
+        debug.setLogger(debug.Debug(*enabled_debug_flags, options={'loggerName': logger}))
 
 
 def return_address_and_port(target):

diff --git a/splunk_connect_for_snmp/traps.py b/splunk_connect_for_snmp/traps.py
@@ -27,6 +27,7 @@
 
 import asyncio
 import os
+import sys
 from typing import Any, Dict
 
 import yaml
@@ -48,11 +49,32 @@
 SECURITY_ENGINE_ID_LIST = os.getenv("SNMP_V3_SECURITY_ENGINE_ID", "80003a8c04").split(
     ","
 )
+
 LOG_LEVEL = os.getenv("LOG_LEVEL", "INFO")
+PYSNMP_DEBUG = os.getenv("PYSNMP_DEBUG", "")
 
-logging.basicConfig(
-    level=getattr(logging, LOG_LEVEL), format="%(asctime)s %(levelname)s %(message)s"
-)
+logger = logging.getLogger(__name__)
+
+formatter = logging.Formatter("%(asctime)s %(levelname)s %(message)s")
+handler = logging.StreamHandler(sys.stdout)
+handler.setFormatter(formatter)
+handler.setLevel(getattr(logging, LOG_LEVEL))
+
+logger.addHandler(handler)
+
+
+if PYSNMP_DEBUG:
+    from pysnmp import debug
+
+    debug_flags = list(debug.flagMap.keys())
+    enabled_debug_flags = [
+        debug_flag.strip()
+        for debug_flag in PYSNMP_DEBUG.split(",")
+        if debug_flag.strip() in debug_flags
+    ]
+
+    if enabled_debug_flags:
+        debug.setLogger(debug.Debug(*enabled_debug_flags, options={'loggerName': logger}))
 
 # //using rabbitmq as the message broker
 app = Celery("sc4snmp_traps")
@@ -68,7 +90,7 @@
 def cb_fun(
     snmp_engine, state_reference, context_engine_id, context_name, varbinds, cb_ctx
 ):
-    logging.debug(
+    logger.debug(
         'Notification from ContextEngineId "%s", ContextName "%s"'
         % (context_engine_id.prettyPrint(), context_name.prettyPrint())
     )
@@ -94,7 +116,7 @@ def cb_fun(
 
 # Callback function for logging traps authentication errors
 def authentication_observer_cb_fun(snmp_engine, execpoint, variables, contexts):
-    logging.error(
+    logger.error(
         f"Security Model failure for device {variables.get('transportAddress', None)}: "
         f"{variables.get('statusInformation', {}).get('errorIndication', None)}"
     )
@@ -154,13 +176,13 @@ def main():
             priv_key = get_secret_value(location, "privKey", required=False)
 
             auth_protocol = get_secret_value(location, "authProtocol", required=False)
-            logging.debug(f"authProtocol: {auth_protocol}")
+            logger.debug(f"authProtocol: {auth_protocol}")
             auth_protocol = AuthProtocolMap.get(auth_protocol.upper(), "NONE")
 
             priv_protocol = get_secret_value(
                 location, "privProtocol", required=False, default="NONE"
             )
-            logging.debug(f"privProtocol: {priv_protocol}")
+            logger.debug(f"privProtocol: {priv_protocol}")
             priv_protocol = PrivProtocolMap.get(priv_protocol.upper(), "NONE")
 
             for security_engine_id in SECURITY_ENGINE_ID_LIST:
@@ -173,7 +195,7 @@ def main():
                     privKey=priv_key,
                     securityEngineId=v2c.OctetString(hexValue=security_engine_id),
                 )
-                logging.debug(
+                logger.debug(
                     f"V3 users: {username} auth {auth_protocol} authkey {len(auth_key)*'*'} privprotocol {priv_protocol} "
                     f"privkey {len(priv_key)*'*'} securityEngineId {len(security_engine_id)*'*'}"
                 )