splunk · Feb 26, 2021 · Feb 26, 2021 · Feb 26, 2021 · Feb 26, 2021 · Feb 26, 2021
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -43,7 +43,7 @@ jobs:
 
   release:
     docker:
-      - image: circleci/node:11
+      - image: circleci/node:12
     steps:
       - checkout
       - run: npx semantic-release

diff --git a/Dockerfile b/Dockerfile
@@ -9,7 +9,6 @@ RUN cd /tmp ;\
 COPY entrypoint.sh /work/entrypoint.sh
 COPY dist/*.whl /tmp
 COPY config.yaml /work/config.yaml
-COPY lookups /work/lookups
 RUN pip3.8 install $(ls /tmp/*.whl); rm -f /tmp/*.whl
 
 EXPOSE 2162/udp

diff --git a/config.yaml b/config.yaml
@@ -5,16 +5,9 @@ snmp:
     v1:
       - public
       - "my-area"
-  mibs:
-    url:
-      - "file:///usr/share/snmp/mibs"
-      # *TODO*: Replace below URL with MIB Server's URL returned during service discovery. 
-      - "http://mibs.thola.io/asn1/@mib@"
-    load_list:  
-      - "SNMPv2-MIB"
-      - "SNMP-COMMUNITY-MIB"
-      - "SNMPv2-CONF"
-      - "NET-SNMP-EXAMPLES-MIB"
+  mib-server:
+    # This is need to be mapped with k8s
+    url: "http://mib-server:5000"
+    # url: "http://localhost:5000"
 thread-pool:
-  max-suggested-working-threads: 10
-
+  max-suggested-working-threads: 10
diff --git a/lookups/custom_mib_string_table.csv b/lookups/custom_mib_string_table.csv
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -11,6 +11,7 @@ pysnmp = "^4.4.12"
 pyyaml = "^5.4"
 lxml = "^4.6"
 requests = "^2.25.1"
+pymongo = "^3.11.3"
 
 [tool.poetry.dev-dependencies]
 #pytest-splunk-addon = "^1.4.0"

diff --git a/splunk_connect_for_snmp_traps/manager/mib_server_client.py b/splunk_connect_for_snmp_traps/manager/mib_server_client.py
@@ -0,0 +1,61 @@
+import logging
+import json
+import requests
+import os
+from requests.adapters import HTTPAdapter
+from requests.packages.urllib3.util.retry import Retry
+
+logger = logging.getLogger(__name__)
+
+
+def get_translation(var_binds, mib_server_url):
+    """
+    @param var_binds: var_binds object getting from SNMP agents
+    @param mib_server_url: URL of SNMP MIB server
+    @return: translated string
+    """
+    # Construct the payload
+    payload = {}
+    var_binds_list = []
+    for name, val in var_binds:
+        var_bind = {
+            "oid": str(name),
+            "oid_type": name.__class__.__name__,
+            "val": str(val),
+            "val_type": val.__class__.__name__
+        }
+        var_binds_list.append(var_bind)
+    payload["var_binds"] = var_binds_list
+    payload = json.dumps(payload)
+
+    trap_event_string = payload
+
+    # Send the POST request to mib server
+    headers = {'Content-type': 'application/json'}
+    endpoint = "translation"
+    TRANSLATION_URL = os.path.join(mib_server_url.strip('/'), endpoint)
+    logger.debug(f"[-] TRANSLATION_URL: {TRANSLATION_URL}")
+
+    try:
+        # resp = requests.request("POST", TRANSLATION_URL, headers=headers, data=payload)
+        # use Session with Retry
+        retry_strategy = Retry(
+            total=3,
+            backoff_factor = 1,
+            status_forcelist=[429, 500, 502, 503, 504],
+            method_whitelist=["GET", "POST"]
+        )
+        adapter = HTTPAdapter(max_retries=retry_strategy)
+        session = requests.Session()
+        session.mount("https://", adapter)
+        session.mount("http://", adapter)
+        resp = session.post(TRANSLATION_URL, headers=headers, data=payload)
+        # If varBinds gets translated, overide it with the translated one
+        if resp.status_code == 200: 
+            trap_event_string = resp.text
+        if resp.status_code != 200:
+            logger.error(f"[-] Mib Server API Error with code: {resp.status_code}")
+    except Exception as e:
+        logger.error(f"MIB server is unreachable! Error happened while communicating to MIB server to perform the Translation: {e}")
+
+    return trap_event_string
diff --git a/splunk_connect_for_snmp_traps/manager/translator.py b/splunk_connect_for_snmp_traps/manager/translator.py
diff --git a/splunk_connect_for_snmp_traps/manager/trap_server.py b/splunk_connect_for_snmp_traps/manager/trap_server.py
@@ -5,12 +5,7 @@
 from pysnmp.entity.rfc3413 import ntfrcv
 
 from splunk_connect_for_snmp_traps.manager.hec_sender import HecSender
-from splunk_connect_for_snmp_traps.manager.translator import Translator
-
-from pysnmp.smi import builder, view, compiler, rfc1902
-import os
-import json
-import csv
+from splunk_connect_for_snmp_traps.manager.mib_server_client import get_translation
 import socket
 
 logger = logging.getLogger(__name__)
@@ -23,7 +18,6 @@ def __init__(self, args, server_config):
         self._snmp_engine = engine.SnmpEngine()
         self.configure_trap_server()
         self._hec_sender = HecSender(args, self._server_config)
-        self._translator = Translator(server_config)
 
     def configure_trap_server(self):
         self._snmp_engine.observer.registerObserver(
@@ -109,7 +103,11 @@ def snmp_callback_function(
             pass
 
         header["Agent_Address"] = device_ip
-        trap_event_string = self._translator.format_trap_event(var_binds)
+
+        # Send API call to SNMP MIB server to get var_binds translated
+        mib_server_url = self._server_config["snmp"]["mib-server"]["url"]
+        trap_event_string = get_translation(var_binds, mib_server_url)
+
         self._hec_sender.post_data(header["Agent_Hostname"], trap_event_string)
 
     def run_trap_server(self):