keep icon indicating copy to clipboard operation
keep copied to clipboard
verified publisher icon keephq

feat(provider): Add SNMP provider implementation

Open onyedikachi-david opened this issue 8 months ago • 1 comments

Closes #2112 /claim #2112 image image

📑 Description

This PR adds a new SNMP provider to Keep that enables receiving SNMP traps as alerts. The implementation includes:

  • [x] Full SNMP provider implementation with support for v1, v2c, and v3 protocols
  • [x] SNMP trap receiver that converts traps to Keep alerts
  • [x] Configurable trap port (default: 1162)
  • [x] Proper error handling and logging
  • [x] Automatic severity mapping from trap data
  • [x] Support for both IPv4 and IPv6 trap reception
  • [x] Comprehensive configuration validation
  • [x] Provider scopes:
    • Read (mandatory): For reading SNMP data from agents
    • Write (optional): For setting SNMP values on agents
    • Trap (optional): For receiving SNMP traps

✅ Checks

  • [x] My pull request adheres to the code style of this project
  • [x] My code requires changes to the documentation
  • [x] All the tests have passed

ℹ Additional Information

Configuration

The SNMP provider supports the following authentication configurations:

  • For v1/v2c:

    • Host
    • Version (v1/v2c)
    • Community string
    • Port (default: 161)
    • Trap port (default: 1162)

  • For v3:

    • Host
    • Version (v3)
    • Username
    • Authentication protocol (MD5/SHA)
    • Authentication key
    • Privacy protocol (DES/AES)
    • Privacy key
    • Security level (noAuthNoPriv/authNoPriv/authPriv)
    • Port (default: 161)
    • Trap port (default: 1162)

Alert Generation

SNMP traps are converted to Keep alerts with:

  • Automatic severity mapping based on trap data
  • Source tracking from agent address
  • Detailed trap information in alert description

Testing

The implementation includes tests for:

  • Configuration validation
  • Error handling scenarios

Breaking Changes

None. This is a new provider that doesn't affect existing functionality.

onyedikachi-david avatar Apr 12 '25 08:04 onyedikachi-david

@onyedikachi-david is attempting to deploy a commit to the KeepHQ Team on Vercel.

A member of the Team first needs to authorize it.

vercel[bot] avatar Apr 12 '25 08:04 vercel[bot]

@shahargl @onyedikachi-david i'm closing this one for now as it seems to be stale and @onyedikachi-david haven't answered for a while. If you think this is a mistake, please re-open the issue.

talboren avatar Apr 28 '25 07:04 talboren

@onyedikachi-david please edit /keep/keep/api/routes/alerts.py for take another data which diff at POST for /event/{provider_type} with another protocol (in your case UDP) and processing data with provider function parse_event_raw_body()

image

00041275 avatar May 07 '25 22:05 00041275