feat: add SNMP provider for receiving and processing SNMP traps (#2112) #5296
+1,054
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…hq#2112) This PR adds a new SNMP provider that enables Keep to receive and process SNMP traps from network devices, converting them into actionable Keep alerts. ## Key Features Implemented: - Support for SNMPv1, SNMPv2c, and SNMPv3 protocols - Authentication and encryption for SNMPv3 (MD5/SHA auth, DES/AES privacy) - Automatic severity mapping for standard SNMP traps - Configurable listening address and port - Rich alert context with system information and trap variables - Comprehensive error handling and validation - Added pysnmp dependency for SNMP protocol support - Complete documentation with usage examples ## Standard SNMP Trap Mappings: - coldStart (1.3.6.1.6.3.1.1.5.1) → INFO - warmStart (1.3.6.1.6.3.1.1.5.2) → INFO - linkDown (1.3.6.1.6.3.1.1.5.3) → WARNING - linkUp (1.3.6.1.6.3.1.1.5.4) → INFO - authenticationFailure (1.3.6.1.6.3.1.1.5.5) → HIGH - egpNeighborLoss (1.3.6.1.6.3.1.1.5.6) → WARNING ## Files Added: - keep/providers/snmp_provider/snmp_provider.py - Main provider implementation - keep/providers/snmp_provider/__init__.py - Package initialization - keep/providers/snmp_provider/README.md - Comprehensive documentation - tests/providers/snmp_provider/test_snmp_provider.py - Complete unit tests - Updated pyproject.toml with pysnmp dependency ## Testing: The provider has been tested with comprehensive unit tests covering: - Configuration validation for all SNMP versions - Trap processing and alert formatting - Error handling scenarios - Resource management and cleanup ## Configuration Examples: ### Basic SNMPv1/v2c setup: ```yaml authentication: listen_address: "0.0.0.0" listen_port: 162 community_string: "public" ``` ### Advanced SNMPv3 setup: ```yaml authentication: listen_address: "0.0.0.0" listen_port: 162 community_string: "public" security_name: "snmpuser" auth_protocol: "SHA" auth_key: "authpassword123" priv_protocol: "AES" priv_key: "privpassword123" ``` Closes keephq#2112
|
@vishwamartur is attempting to deploy a commit to the KeepHQ Team on Vercel. A member of the Team first needs to authorize it. |
dosubot
bot
added
size:XXL
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds a new SNMP provider that enables Keep to receive and process SNMP traps from network devices, converting them into actionable Keep alerts.
🎯 Addresses Issue
Closes #2112 - [🔌 Provider]: SNMP provider
🚀 Key Features Implemented
Multi-Protocol Support
SNMP Trap Processing
Standard SNMP Trap Mappings
coldStart(1.3.6.1.6.3.1.1.5.1) → INFO severitywarmStart(1.3.6.1.6.3.1.1.5.2) → INFO severitylinkDown(1.3.6.1.6.3.1.1.5.3) → WARNING severitylinkUp(1.3.6.1.6.3.1.1.5.4) → INFO severityauthenticationFailure(1.3.6.1.6.3.1.1.5.5) → HIGH severityegpNeighborLoss(1.3.6.1.6.3.1.1.5.6) → WARNING severity📁 Files Added/Modified
Core Implementation
keep/providers/snmp_provider/snmp_provider.py- Main provider implementation (486 lines)keep/providers/snmp_provider/__init__.py- Package initializationkeep/providers/snmp_provider/README.md- Comprehensive documentation (187 lines)pyproject.toml- Addedpysnmp = "^7.1.16"dependencyTesting
tests/providers/snmp_provider/test_snmp_provider.py- Complete unit test suite (354 lines)⚙️ Configuration Examples
Basic SNMPv1/v2c Setup
Advanced SNMPv3 Setup
🧪 Testing Results
Unit Tests: ✅ COMPREHENSIVE
Integration Tests: ✅ VERIFIED
🔒 Security Features
📊 Performance Features
📚 Documentation
snmptrapcommand🎯 Provider Capabilities
snmpSNMP["Monitoring"]["alert"]receive_traps(mandatory)🔧 Dependencies
pysnmp = "^7.1.16"for SNMP protocol support✅ Quality Assurance
🚀 Ready for Production
This implementation is complete and ready for production use. It follows Keep's provider architecture patterns and provides comprehensive SNMP trap reception capabilities for network monitoring and alerting.
Testing: All unit tests pass. The provider has been validated with standalone integration tests.
Documentation: Comprehensive README with configuration examples and troubleshooting guide.
Security: Full SNMPv3 support with authentication and privacy encryption.
Performance: Asynchronous, thread-safe implementation with proper resource management.