Skip to content

Commit

Permalink
fix: add debug logs for traps
Browse files Browse the repository at this point in the history
Signed-off-by: Ilya Kheifets <[email protected]>
  • Loading branch information
ikheifets-splunk committed Sep 10, 2024
1 parent afef8ef commit 7c7f197
Show file tree
Hide file tree
Showing 4 changed files with 44 additions and 9 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,8 @@ spec:
value: "http://{{ printf "%s-%s" .Release.Name "mibserver" }}/standard.txt"
- name: LOG_LEVEL
value: {{ .Values.traps.logLevel | default "INFO" }}
- name: PYSNMP_DEBUG
value: {{ .Values.pysnmpDebug | default "" | quote }}
{{- if .Values.splunk.protocol }}
- name: SPLUNK_HEC_SCHEME
value: {{ .Values.splunk.protocol | default "https" | quote }}
Expand Down
1 change: 1 addition & 0 deletions docker_compose/docker-compose-traps.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ services:
- SPLUNK_HEC_INSECURESSL=${SPLUNK_HEC_INSECURESSL:-false}
- SPLUNK_HEC_PATH=${SPLUNK_HEC_PATH:-/services/collector}
- SNMP_V3_SECURITY_ENGINE_ID=${SNMP_V3_SECURITY_ENGINE_ID:-80003a8c04}
- PYSNMP_DEBUG=${PYSNMP_DEBUG}
image: ${SC4SNMP_IMAGE}:${SC4SNMP_TAG:-latest}
networks:
- my_network
Expand Down
7 changes: 6 additions & 1 deletion splunk_connect_for_snmp/snmp/manager.py
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,11 @@
logger = get_task_logger(__name__)

if PYSNMP_DEBUG:
# Usage: PYSNMP_DEBUG=dsp,msgproc,io

# List of available debug flags:
# io, dsp, msgproc, secmod, mibbuild, mibview, mibinstrum, acl, proxy, app, all

from pysnmp import debug

debug_flags = list(debug.flagMap.keys())
Expand All @@ -87,7 +92,7 @@
]

if enabled_debug_flags:
debug.setLogger(debug.Debug(*enabled_debug_flags, loggerName=logger))
debug.setLogger(debug.Debug(*enabled_debug_flags, options={'loggerName': logger}))


def return_address_and_port(target):
Expand Down
43 changes: 35 additions & 8 deletions splunk_connect_for_snmp/traps.py
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@

import asyncio
import os
import sys
from typing import Any, Dict

import yaml
Expand All @@ -48,11 +49,37 @@
SECURITY_ENGINE_ID_LIST = os.getenv("SNMP_V3_SECURITY_ENGINE_ID", "80003a8c04").split(
","
)

LOG_LEVEL = os.getenv("LOG_LEVEL", "INFO")
PYSNMP_DEBUG = os.getenv("PYSNMP_DEBUG", "")

logging.basicConfig(
level=getattr(logging, LOG_LEVEL), format="%(asctime)s %(levelname)s %(message)s"
)
logger = logging.getLogger(__name__)

formatter = logging.Formatter("%(asctime)s %(levelname)s %(message)s")
handler = logging.StreamHandler(sys.stdout)
handler.setFormatter(formatter)
handler.setLevel(getattr(logging, LOG_LEVEL))

logger.addHandler(handler)


if PYSNMP_DEBUG:
# Usage: PYSNMP_DEBUG=dsp,msgproc,io

# List of available debug flags:
# io, dsp, msgproc, secmod, mibbuild, mibview, mibinstrum, acl, proxy, app, all

from pysnmp import debug

debug_flags = list(debug.flagMap.keys())
enabled_debug_flags = [
debug_flag.strip()
for debug_flag in PYSNMP_DEBUG.split(",")
if debug_flag.strip() in debug_flags
]

if enabled_debug_flags:
debug.setLogger(debug.Debug(*enabled_debug_flags, options={'loggerName': logger}))

# //using rabbitmq as the message broker
app = Celery("sc4snmp_traps")
Expand All @@ -68,7 +95,7 @@
def cb_fun(
snmp_engine, state_reference, context_engine_id, context_name, varbinds, cb_ctx
):
logging.debug(
logger.debug(
'Notification from ContextEngineId "%s", ContextName "%s"'
% (context_engine_id.prettyPrint(), context_name.prettyPrint())
)
Expand All @@ -94,7 +121,7 @@ def cb_fun(

# Callback function for logging traps authentication errors
def authentication_observer_cb_fun(snmp_engine, execpoint, variables, contexts):
logging.error(
logger.error(
f"Security Model failure for device {variables.get('transportAddress', None)}: "
f"{variables.get('statusInformation', {}).get('errorIndication', None)}"
)
Expand Down Expand Up @@ -154,13 +181,13 @@ def main():
priv_key = get_secret_value(location, "privKey", required=False)

auth_protocol = get_secret_value(location, "authProtocol", required=False)
logging.debug(f"authProtocol: {auth_protocol}")
logger.debug(f"authProtocol: {auth_protocol}")
auth_protocol = AuthProtocolMap.get(auth_protocol.upper(), "NONE")

priv_protocol = get_secret_value(
location, "privProtocol", required=False, default="NONE"
)
logging.debug(f"privProtocol: {priv_protocol}")
logger.debug(f"privProtocol: {priv_protocol}")
priv_protocol = PrivProtocolMap.get(priv_protocol.upper(), "NONE")

for security_engine_id in SECURITY_ENGINE_ID_LIST:
Expand All @@ -173,7 +200,7 @@ def main():
privKey=priv_key,
securityEngineId=v2c.OctetString(hexValue=security_engine_id),
)
logging.debug(
logger.debug(
f"V3 users: {username} auth {auth_protocol} authkey {len(auth_key)*'*'} privprotocol {priv_protocol} "
f"privkey {len(priv_key)*'*'} securityEngineId {len(security_engine_id)*'*'}"
)
Expand Down

0 comments on commit 7c7f197

Please sign in to comment.