Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - Egert143

#1
Do i still need to update Agent Conf file also ?, Currently i dont see any events with dooing just the above steps.
#2
Could i get litle demo how to achive the same alerting with Log parser policy? :)
#3
Under Logs -> Events i found the event, but its missing alot of info:

#4
General Support / Agent Policies under templates
February 19, 2024, 09:29:13 AM
i made new Agent Policie under template with the following content
SubAgent=wineventsync.nsm
[WinEventSync]
EventLog=Application
EventLog=Security
EventLog=System

But i dont see it being applied to nodes, even when i click force deployment of agent policies. I think it only gets applied when template is assigned to new node, and not already existing nodes.
#5
I added image how event log displays it.


Also i am thinking it needs to be parsed similarly to syslog but since windows event logs are so big, surely there is better way then to include entire log in one line and add "(.)" where required info is.

#6
So far i have the following:











#7
Hello

I am experimenting with logging and alerting on windows event logs. Logging part works, i would like to get little example on event 4625 (Failed account log on), how to generate alarm that contains user and source ip that tried to log in.

Egert
#8
General Support / Calculating with multiple oids
February 13, 2024, 01:15:39 PM
Hello

I would like to monitor router memory usage but in order for that i need to poll 4 seperate values and do some math with them. What would be the cleanest approach to solve this problem?

Oids:
.1.3.6.1.2.1.25.2.3.1.3.1 [STRING] = Physical memory
.1.3.6.1.2.1.25.2.3.1.4.1 [INTEGER] = 1024 (hrStorageAllocationUnits)
.1.3.6.1.2.1.25.2.3.1.5.1 [INTEGER] = 160908 (hrStorageSize)
.1.3.6.1.2.1.25.2.3.1.6.1 [INTEGER] = 128164 (hrStorageUsed)

Demo math:
125,16*100 / 157,13 = 79,65%

Desired output:
Physical memory = 79,65%
#9
General Support / Free and used subnet addresses.
November 01, 2023, 09:39:15 AM
Hello

Installed new NetXMS version 4.4.2 and i cant find place that shows free and used addresses in subnet. Has this feature been removed?

Egert
#10
Problem is present on all Cisco switches yes, snmp version is v3. I tested the context snmp command on one switch and now it shows other peer nodes aswell. il have to test other switches toobut i think the solution is found. Thank you for the helpfull tip! :) 

Egert
#11
2023.06.14 08:31:02.336 *I* [logger            ] Debug level for tag "topology.fdb" set to 6

2023.06.14 08:31:14.866 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read port table in context vlan-1
2023.06.14 08:31:14.881 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read port table in context vlan-3
2023.06.14 08:31:14.881 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read port table in context vlan-4
2023.06.14 08:31:14.881 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read port table in context vlan-1002
2023.06.14 08:31:14.881 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read port table in context vlan-1003
2023.06.14 08:31:14.881 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read port table in context vlan-1004
2023.06.14 08:31:14.881 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read port table in context vlan-1005
2023.06.14 08:31:14.881 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): 0 entries read from dot1qTpFdbTable
2023.06.14 08:31:14.897 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): 5 entries read from dot1dTpFdbTable
2023.06.14 08:31:14.897 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read  FDB in context vlan-1
2023.06.14 08:31:14.897 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read  FDB in context vlan-3
2023.06.14 08:31:14.897 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read  FDB in context vlan-4
2023.06.14 08:31:14.913 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read  FDB in context vlan-1002
2023.06.14 08:31:14.913 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read  FDB in context vlan-1003
2023.06.14 08:31:14.913 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read  FDB in context vlan-1004
2023.06.14 08:31:14.913 *D* [topology.fdb      ] GetSwitchForwardingDatabase([Sw] SWITCH [132981]): cannot read  FDB in context vlan-1005
2023
2023.06.14 08:31:20.710 *I* [logger            ] Debug level for tag "topology.fdb" set to 0

Log from management:
[14.06.2023 08:31:14] **** Poll request sent to server ****
[14.06.2023 08:31:14] Poll request accepted, waiting for outstanding polling requests to complete...
[14.06.2023 08:31:14] Starting topology poll of node [Sw] SWITCH
[14.06.2023 08:31:14] VLAN list successfully retrieved from node
[14.06.2023 08:31:14] Switch forwarding database retrieved
[14.06.2023 08:31:14] Link layer topology retrieved (7 connections found)
[14.06.2023 08:31:15] Updating peer information on interfaces
[14.06.2023 08:31:15]    Local interface Gi1/0/10 linked to remote interface [Sw] NAME1:Gi0/10
[14.06.2023 08:31:15]    Local interface Gi1/0/15 linked to remote interface [Sw] NAME2:Gi0/10
[14.06.2023 08:31:15]    Local interface Te1/1/1 linked to remote interface [Sw] NAME3:Ethernet1/1
[14.06.2023 08:31:15]    Local interface Te1/1/2 linked to remote interface [Sw] NAME4:Ethernet1/1
[14.06.2023 08:31:15] Link layer topology processed
[14.06.2023 08:31:15] Finished topology poll of node [Sw] SWITCH
[14.06.2023 08:31:15] **** Poll completed successfully ****


Thats the output i got. Hope it helps.
#12
Cisco switch: C9200L-24P-4X (17.3.4b)
Driver: CISCO-GENERIC

NetXMS version 4.3.5

#13
I don't want to hijack a thread, but for example, Cisco C9200L-24P-4X switch peer discovery doesn't work 100%. Only other Cisco switches are discovered, but no other device directly connected to the switch. It broke with a newer version of NetXms, but I don't remember which version exactly.
#14
Hello, is there fix in planning? Cisco switches dont show mac list and connected nodes.
#15
Hello

What could cause this: I have Cisco C2960x-24TS-LL switch, snmp polling is enabled. But in interface tab only other Cisco switches are found (using CDP) and Mikrotik router (using LLDP). But for example servers/cameras are not discovered. Also Topology -> Switch forwarding database is empty.

NetXMS version: 4.3.3

.1.3.111.2.802.1.1.13.1.3.2.0 empty
.1.3.111.2.802.1.1.13.1.4.1.1 empty
.1.0.8802.1.1.2.1.4.1.1 contains info and mac addresses