Log snmpv3 auth failures #8917
Log snmpv3 auth failures #8917
Conversation
gosnmp does not return any error when an SNMP get request fails due to authentication. The SNMP agent will return a "report" PDU instead of a "get-response" PDU in this case. A check has been added to verify the packet's PDUType is not "Report"
![telegraf-tiger[bot]](https://avatars.githubusercontent.com/in/94907?s=60&v=4){kind=small}
|
Hi @reimda I have added some hardcoded messages for the most common types of report that will be received. What do you think of that? |
|
There is something going on with gosnmp/gosnmp#314 but I'm not yet convinced it is good yet. |
Hipska
added
the
plugin/input
|
Okay, we can go. When a new version of gosnmp is released, I will update our check.. |
|
With gosnmp/gosnmp#314 merged it sounds like we should change our approach for this PR. If we update gosnmp we won't need to hard code the USM report OIDs, and we can use the improved error message that Get() returns instead of adding our own. |
|
Indeed, so maybe we can already merge this and adapt the improvements when gosnmp releases a new version afterwards? |
|
I was thinking since the gosnmp PR has been merged and since go mod lets us depend on any commit in a library, we don't need to wait for a new gosnmp release. We could I ordinarily avoid using prerelease libraries, but looking at gosnmp's history, besides PR 314 there is only one other code change since the 1.30.0 release and it's pretty simple. In this case using a prerelease doesn't introduce much risk. Gosnmp seems to be making releases every few months and 1.30.0 came out a month ago. If we don't use a prerelease version we will likely have to wait a month or two for a release before we come back to this. |
|
Great! I think I’ll have time this week to implement this. |
@TimRots Thanks for your work on gosnmp and for releasing 1.31.0! I was clearly too pessimistic about release scheduling. Having a gosnmp release that includes gosnmp/gosnmp#314 is great for this PR. |
Thank you @reimda. Happy to help out :)
Since gosnmp became a community effort we try to do a monthly release, but it still depends on how much time we have to work on things. If a bug is urgent and we try to move forward quicker ofc.
314 landed really nice with the help from hipska and superq. Will keep an eye on this pr to see how it works out here :) |
|
Hi @reimda, can you please review again? |
srebhan
added
the
ready for final review
(cherry picked from commit 4b2e2c5)
|
I am still seeing this issue on Centos 7 with Telegraf 1.21.2. We get massive amount of hostnames with random numeric values when a remote SNMPv3 service fails connection. Following through on all the tickets about this issue with gosnmp, is there a fix in sight ? |
|
@Stomper98 whoosh this is a fix/Pr that has been merged a very long time ago. So on our end there is nothing to be fixed since we didn’t got any reports on it anymore. if you experience any snmpv3 issues, please create a new bug with your relevant config and log messages, so we can look into it. |
(cherry picked from commit 4b2e2c5)
While I still believe this is a check that
gosnmpshould do, let's not wait for them to implement.Fixes #7929 as no metrics with strange values will be produced, instead telegraf will return a clear error message.
Closes #8215 since there is no feedback from original author.
Required for all PRs: