SNMP Traps

Started by fj89j, November 05, 2013, 03:45:17 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

fj89j

November 05, 2013, 03:45:17 PM
Hi all

I am trying to trap on BPDU protection on Procurve switches and the issue I am coming across is that the trap OID .1.3.6.1.4.1.11.2.3.7.11.79.0.2 seems to be used for a few other things, do I need to match by part of the string in the varbinds, specifically: .1.3.6.1.2.1.16.9.1.1.2.839

Now, when I set this up, I get events firing for the OID only, not taking .1.3.6.1.2.1.16.9.1.1.2.839 into consideration.

I am stating .1.3.6.1.2.1.16.9.1.1.2.839 under the parameters under Edit SNMP Trap Mapping.

Here is an excerpt of the trap from a CSV export:

"05.11.2013 13:33:50","10.1.1.1","switch",".1.3.6.1.4.1.11.2.3.7.11.79.0.2",".1.3.6.1.2.1.16.9.1.1.2.839 == 'I 11/05/13 13:34:25 stp: port 12 disabled for 1200 seconds - BPDU received on protected port.'"

Also, it'd be really good to be able to get the trap information, like port number passed, so I could email the event.

Any ideas where I am going wrong?

Thanks

Victor Kirhenshtein

#1
November 05, 2013, 05:16:01 PM
Events will be generated based on trap OID only. However, you can filter them later in event processing policy. For example, if you have .1.3.6.1.2.1.16.9.1.1.2.839 varbind mapped to event parameter, you can check if it is empty or not. Filtering script for event processing policy will be like

Code Select

return (($2 != null) && ($2 != ""));


For notifications, you can just use %2 in e-mail action - it will be replaced by full varbind value. Alternatively, you can parse it in filtering script using regular expressions and pass required parts to the email.

Best regards,
Victor

fj89j

#2
November 07, 2013, 12:49:31 AM
Victor,

Thank you.

I'd like to say that although I've posted a few questions that are probably newbie questions, the responses from you have always been fast and spot on.

I believe that the issue with most queries is user education on NetXMS. From using products (that shall rename nameless) in the past, it's refreshing to use a product that can pretty much do anything.

If you need any labs equipment (mainly Cisco) for use on testing, let me know, happy to help.

If you guys can get NetFlow into this beast so you can report on it, it'll truly be the only thing I'll ever need to use for monitoring.

Thank you, again.
Print
Go Up Pages1
User actions