Siemens, a Global Fortune 500 company, will be saving $20,000 with Pate Consulting and a little open source project named LooperNG. LooperNG is specifically designed to replace NetCool NNM probes. Basically, LooperNG has input modules and output modules. Both types of modules can read/write in multiple formats – SNMP trap, syslog, log file, and NetCool database to name the most common.
NetCool licenses by the number of aggregators sending inbound SNMP traps to it as well as the number of NetCool database connections that it makes.
Siemens has a multitude of aggregators sending traps and, therefore, pay thousands of dollars on license fees. In addition, the NetCool NNM probe makes a connection to the NetCool database after processing the incoming traps through a set of rules. This is where LooperNG's magic comes in to the picture.
What if you could take the Netcool NNM probe and replace it with a Linux box that receives the traps, passes them through the same rulesets, and sends the results to the NetCool database? With LooperNG, you can!!
In this article, I'm going to run through a basic install of LooperNG and configure it to output to a NetCool database server with a simple rule set.
Download tar.gz file from
http://prdownloads.sourceforge.net/looper/looperng-1.3.tar.gz?download
[root@host]# mkdir -p /opt/local/looper
[root@host]# export LOOPER_HOME=/opt/local/looper
Install Perl 5.8.0 or greater. Verify with perl -v
Follow directions in README file. Some packages may be necessary (unzip, make, gcc)
Be sure to install make before running the 'perl -MCPAN -e shell' command
[root@host]# yum install make
The freetds RPM (CentOS) is required for NetCool installs. However, for freeTDS to work with NetCool, a patch needs to be applied. For more information, visit
http://netcoolusers.org/Home
To simplify things, I created a custom RPM with the NetCool patch included.
[root@host]# rpm -ivh freetds-0.63-1.netcool.i386.rpm
perl-Time-Hires, perl-Digest-MD5, perl-MIME-Base64 are included in the CentOS base perl package.
Additional Perl RPMs/Modules needed (sources are indicated in parentheses):
perl-Data-Dumper-2.121-1.el5.rf.i386.rpm (Dag)
perl-File-Tail-0.99.3-1.2.el5.rf.noarch.rpm (Dag)
perl-Net-SNMP-5.2.0-1.2.el5.rf.noarch.rpm (Dag)
perl-POE-0.9999-1.el5.rf.noarch.rpm (Dag)
perl-Socket6-0.19-3.fc6 (yum)
perl-Digest-HMAC-1.01-15 (yum)
perl-Digest-SHA1-2.11-1.2.1 (yum)
perl-Crypt-DES-2.05-3.2 (Dag)
perl-URI-1.35-3 (yum)
perl-Tk-804.028-2 (Dag)
perl-DBI-1.52-2 (yum) – required for NetCool installs
perl-DBD-Sybase-1.08-1 (Dag) – required for NetCool installs – NetCool patch required
perl-SNMP-MIB-Compiler (CPAN command line as per REAME file)
perl-POE (CPAN command line as per REAME file) – CentOS package available, but not for dependencies
Run ./install.sh from the tar.gz destination directory and follow directions
[root@host]# cd /home/setup/looperng-distrib
[root@host]# ./install.sh
You should get:
Installation complete.
Looper has now been installed in /opt/local/looper.
Default admin password is buggeroff
If you installed the Netcool support libs, remember to
copy your interfaces file to /opt/local/looper/freetds.
Now, start looperng:
[root@host]# cd /opt/local/looper
[root@host]# ./looperng &
Now, LooperNG is installed and running. You can access it via a telnet session:
[root@host]# telnet localhost 5788
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
LooperNG 1.2 running with PID 2497
Listening on hostname:5788
ready
auth buggeroff
Password Accepted
show modules
Name, Type, Status, TID
At this point, you will not see any modules. The modules need to be defined in the config file.
We need 2 modules for this scenario: snmpd_in and netcool_out:
1) snmpd_in Module:
Set the __autostart, module name, and debug options in the looperng config file.
2) netcool_out Module:
Set the server (referenced in interfaces file), username, sybasehome, and password variables in the looperng config.
Here is the config file when done. I put mine in /etc/looperng.conf:
======================-config file-==================
# Uncomment the below line to use a rules file.
rulesfile = '/opt/local/looper/conf/rules/netcool.rules'
# Set log level and location. The location can be overridden
# with the --stderr switch.
loglevel = '4'
logfile = '/opt/local/looper/log/looper.log'
# Set the listen port for the admin server (--port).
port = '5788'
# MD5 encrypted password. Use --md5 to generate a new password.
password = 'cf79217d6d9da75c6605bffb8eeabb96'
# Start an SNMP trap collector called snmpd_in1
input snmpd_in1 {
# Don't start the module. Any parameter that begins with
# two underscores is processed by LooperNG and applies to
# all modules.
__autostart = 'no'
# Module file name
module = 'snmpd_in'
debugmessages = '/opt/local/looper/log/snmpd_in.log'
debugmode = '4'
}
output netcool_out1 {
__autostart = 'no'
module = 'netcool_out'
server = 'NCOMS'
username = 'username'
password = 'xxxxxxxx'
sybasehome = '/opt/local/looper/freetds'
debugmessages = '/opt/local/looper/log/netcool_out.log'
debugmode = '4'
}
# A new output module named logfile_out1. This module is used to
# send events to a log file. Useful debugging aid.
output logfile_out1 {
module = 'logfile_out'
# Name of file to send alerts to
filename = '/opt/local/looper/log/test.out'
# If set to 0 will overwrite existing file
append = 1
debugmode = '4'
debugmessages = '/opt/local/looper/log/logfile_out.log'
}
======================-config file-==================
The __autostart directive tells LooperNG not to start this module on startup. We will start this module manually from the telnet interface later.
**NOTE: The interfaces.solaris2 file needs to be renamed to interfaces and copied to /opt/local/looper/freetds.
Also, the sybasehome setting in the conf file needs to point to /opt/local/looper/freetds
Now, to load our new config file, we need to restart looperNG:
[root@host]# kill `ps -ef | grep looperng | grep -v grep | awk '{print $2}'`
[root@host]# /opt/local/looper/looperng -c /etc/looperng.conf –stderr &
The –stderr switch throws all looperng output to the screen. For production use, just omit the switch and it will output to the logfile variable set in the config file.
Now, connect to LooperNG again using telnet, authenticate, then:
show modules
Name, Type, Status, TID
netcool_out1, Output, Stopped, -1
snmpd_in1, Input, Stopped, -1
logfile_out1, Output, Running, 1
As you can see, our netcool_out and snmpd_in modules are stopped. This is because we set __autostart = 'no' on both. Now, we start our modules manually:
start snmpd_in1
Starting snmpd_in1.
show modules
Name, Type, Status, TID
netcool_out1, Output, Stopped, -1
snmpd_in1, Input, Running, 4
logfile_out1, Output, Running, 1
start netcool_out1
Starting netcool_out1
show modules
Name, Type, Status, TID
netcool_out1, Output, Running, 5
snmpd_in1, Input, Running, 4
logfile_out1, Output, Running, 1
Now, we have all modules running. This host should now be listening for inbound SNMP traps at this point on UDP port 162.
LooperNG Rules:
As you may notice, the beginning of our config file references a rules file:
rules /opt/local/looper/conf/rules/test.rules
This simple rules file is great for testing our 2 modules.
======================-rules file-==================
%OUT = ();
if ( $IN{__module} eq 'snmpd_in1' )
{
LOG (4, "Got trap...");
$OUT{Manager} = "WebNMS Zenoss Probe";
$OUT{AlertGroup} = "WebNMS-Northbound-Alarm";
$OUT{AlertKey} = "NOC-Automation";
$OUT{Agent} = "WebNMS-Zenoss";
$OUT{Class} = "400";
$OUT{Node} = $IN{varbind0};
$OUT{NodeAlias} = $IN{varbind0};
$OUT{Summary} = $IN{varbind1};
if ( $IN{varbind2} eq "Alarm" )
{
$OUT{Severity} = 5;
$OUT{Type} = 1;
}
if ( $IN{varbind2} eq "Clear" )
{
$OUT{Severity} = 1;
$OUT{Type} = 2;
}
$OUT{Identifier} = "$OUT{Summary} $OUT{Node} $OUT{AlertGroup} $OUT{AlertKey} $IN{varbind2}";
$OUT{EventId} = "$OUT{Summary} $OUT{Node} $OUT{AlertGroup} $OUT{AlertKey}";
SEND ('netcool_out1');
}
======================-rules file-==================
This rule checks for an SNMP trap that comes in and reads the varbind information from it. The $OUT{variable} is similar to the @variable in the NetCool rules. The NetCool values are set here and sent to the NetCool database with the SEND function.
When a rules file is modified, the rules need to be reloaded from the admin interface:
rules /opt/local/looper/conf/rules/netcool.rules
This simple rule was used for testing purposes only and only scratches the surface of what can be done with LooperNG.
For more information on rules, visit
http://muthanna.com/looperng/tutorial/LooperNgTutorial.html
This simple open source project is saving Siemens over $20,000 in licensing fees alone. Knowing how many open source projects exist to do just about anything, the cost savings could be staggering not to mention the “freedom” they give you to run your business!
