AnywhereUSB/2 - No SNMP trap / snmp OID for plugged USB devices?

Hello

I would like to monitor presence of USB dongles on my AnywhereUSB/2 device (as it will lock an important service in our company if it get disabled)

I activated SNMP traps, but physically removing/inserting a dongle does NOT trigger event.
(For me, this should be the most important trap an equipment like AnywhereUSB should throw?)

Note: traps are actives and configured, I get some when doing a cold restart. (And I ticked all traps categories on the web interface)

I also tried with snmpwalk, but this does not give information on USB ports either…

Is there a way to monitor those ports??

Thanks a lot

Unfortunately, the SNMP traps are used to log events for the AnywhereUSB unit itself and not the individual USB ports. For monitoring the USB ports, you might want to look into third party USB port monitoring software to use on the Windows side or contact Digi to put in a feature request.

As I half expected this answer, I already made a quirk script to fetch active threads from SSH connection, and detect those dedicated to USB management (command ‘display threads’)

It is not perfect, but will do until I find a replacement for the AnywhereUSB device… sorry for that (but in my case it is really important to monitor the dongle, as it will stop our production environment if disabled)

Here is the Nagios script I made:


#!/bin/bash

Check USB devices presence on DIGI AnywhereUSB equiment (only tested on AnywhereUSB/2)

Note: don’t forget to make a manual SSH connection to the server first, to accept

it’s key, or this script will fail… (ssh connection will be refused)

(c)2016 KOMORI-CHAMBON SAS

Jeremie LEGRAND

Return codes:

0 OK

1 WARNING

2 CRITICAL

3 UNKNOWN

Version: 1

Initial release

Default SSH user

USER=root

Default SSH password

PASS=

Default SSH port

PORT=22

Constants

RET_OK=0
RET_WARN=1
RET_CRIT=2
RET_UNKN=3

Usage

usage() {
echo “Usage:”
echo " $0 -H host -e [-u user] [–help]"
echo “”
echo “Options :”
echo " -h, --help This help"
echo " -H, --host Checked AnywhereUSB equipment IP"
echo " -P, --port SSH port (default = $PORT)"
echo " -e, --expected Expected USB devices count"
echo " -p, --pass SSH password (default = $PASS)"
echo " -u, --user SSH user (default = $USER)"
echo " -v, --verbose Be verbose on errors"
echo “”
exit $RET_UNKN
}
EXPECTED=
VERB=0
OPTS=$(getopt -o hH:P:e:p:u: --long help,host:,port:,expected:,pass:,user: -n “$0” – “$@”)
[ $? -ne 0 ] && usage
eval set – “$OPTS”
while [ $# -gt 0 ]; do
case $1 in
-h|–help) usage; shift ;;
-H|–host) ADR=$2; shift 2 ;;
-P|–port) PORT=$2; shift 2 ;;
-e|–expected) EXPECTED=$2; shift 2 ;;
-p|–pass) PASS=“$2”; shift 2 ;;
-u|–user) USER=$2; shift 2 ;;
-v|–verbose) VERB=1; shift ;;
–) shift; break ;;
*) echo “Unknown argument: $1”
usage
;;
esac
done
[ -z “$ADR” ] && echo “Unspecified host.” && usage
[ -z “$PORT” ] && echo “Unspecified connection port.” && usage
[ -z “$USER” ] && echo “Unspecified SSH user.” && usage
[ -z “$EXPECTED” ] && echo “Unspecified expected number of USB devices.” && usage

Fetch active threads

dump=$( expect <&1
expect {
# First time we connect to this server? (add key in known hosts)
“continue connecting (yes/no)?” {
send – “yes\r”
exp_continue
}
“Permission denied” {
exit 1
}
“Host key verification failed” {
exit 1
}
“password:” {
send – “$PASS\r”
exp_continue
}
“#>” {}
timeout {
exit 1
}
}
send – “display threads\r”
expect “#>”
send – “exit\r”
expect eof
EOF
) &>/dev/null

Error?

retCode=$?
if [ $retCode -ne 0 ]; then
echo "ERROR - “$(echo “$dump” | tail -n1)
[ $VERB -eq 1 ] && echo -e "
SSH dump:
$dump”
exit $RET_UNKN
fi

Parse threads to count active sticks

nb=$( echo “$dump” | grep ‘^sema_susp’ | grep ‘[[:space:]]([^2]’ | wc -l )
[ $nb -gt 1 ] && s=‘s’ || s=‘’

Got everybody?

if [ “$nb” = “$EXPECTED” ]; then
echo “OK - $EXPECTED USB device$s plugged”
RET_CODE=$RET_OK

Missing somebody?

else
if [ $nb -eq 0 ]; then
echo “CRITICAL - No USB device plugged”
RET_CODE=$RET_CRIT
else
echo “WARNING - $nb USB device$s plugged ($EXPECTED expected)”
RET_CODE=$RET_WARN
fi
fi
exit $RET_CODE;


Usage example:
check_anywhereusb.sh -h 192.x.x.x -u root -p password -e 1

Thanks for sharing your workaround!