Processing SNMP Traps into Alarms
What
is SNMP Trap?
Traps are cryptic messages of a fault that occurs in an SNMP device.
SNMP traps are alerts generated by agents on a managed device. These
traps generate 5 types of data:
- Coldstart or Warmstart: The agent reinitialized its configuration
tables.
- Linkup or Linkdown: A network interface card (NIC) on the agent
either fails or reinitializes.
- Authentication fails: This happens when an SNMP agent gets a
request from an unrecognized community name.
- egpNeighborloss: Agent cannot communicate with its EGP (Exterior
Gateway Protocol) peer.
- Enterprise specific: Vendor specific error conditions and error
codes.
Processing
SNMP Traps into Alarms
OpManager enables you to process the traps from the managed devices.
- When a trap is received from a managed device, the match criteria
in the parser determines whether a specific trap matches the conditions
specified in the Trap Processor. Once a matching Trap is found,
an alert is generated.
- Trap Processor Converts the cryptic message to
human-readable alarm.
- Configure OpManager to process the traps that are not processed
out-of-the-box and convert them into alarms.
- The traps that are not processed are listed under 'Unsolicited
Traps'.
Tools
The following actions can be done by clicking the relevant icon:
- Edit: Edit the Trap
- Enable or disable trap processing: Click to enable/disable trap
processing
- Delete processor: Delete the Trap Processor
- Search Processor: Enter the start or end letters of the trap name
to search for a trap. You can search by entering an OID too.
Adding/Modifying
Trap Processor
- Go to Admin --> SNMP Trap Processors.
- Click ‘Add New Trap’ to
process the unsolicited traps.
- Click the TrapParser
name/ Edit icon to modify an existing one.
- Configure/Modify the following properties:
- Trap Name: Configure a
name for the new trap processor.
- Description: Describe
the trap.
- Snmp Trap Version:
Select the version (SNMP V1/V2c).
- SNMP V1 Properties:
- Generic Type: Cold Start, Link Up, Enterprise, etc. Select
the appropriate type for the OID
- Specific Type: When Generic Type is set to Enterprise a
specific trap ID s identified
- Enterprise OID: Corporation or organization from where the
trap originated, such as .1.3.6.1.4.1.x SNMP V2C / V3
- SNMP V2 Properties:
- Trap OID: For devices with SNMP v2c version, select the trap
oid from the MIB using the Select button.
- Message: Select the
required message variables.
- Severity: Select the
Alarm severity.
- Advanced: Click this button to specify the following match
conditions for finer processing of traps.
- Match Criteria: Select the appropriate radio button to either
match any one or all the conditions that you specify. Select the
variable bindings, the condition, and the string to be matched.
- Rearm Criteria: Similarly, select the appropriate radio
button to match the rearm conditions. Select the variable bindings, the
condition, and the string to be matched.
- Failure Component: This option is useful when you deal with a
single trap OID that has multiple failure components. The Varbinds
containing more details on the trap will have information on the failed
components (entities like cpu, temperature etc). You can match the
entity too by appending the VarBind number in this field to generate
separate alarms for the failed components. For instance,
$Source_trapName_trap_$v5.
- Source: Append the Varbinds to be matched if required. This
option is useful if the trap is forwarded from another source.
- Click Add/Save for the configuration to take
effect.
Loading
Trap Parsers from a MIB
Following are the steps to load the traps from various MIBs
- Under the Admin tab,
select SNMP Trap Processors.
All the configured processors are listed here.
- On the right, click on Load
Traps From Mibs.
- From the list of MIBs, select the MIB from which you would like
to load the trap variable. The traps in that MIB are listed.
- Select the required trap variable, and click Add Trap Processor(s).
A Processor for the selected trap is added, and is listed under the
SNMP Trap Processors.
How
to process the Unsolicited Traps?
- Click on Unsolicited Traps
in Alarms tab.
- Click on Create Trap Processor
corresponding to the trap message.
- Type a name for TrapName.
- Make sure that the status is enabled.
- Select the Severity.
- Click on Add.
How
to configure SNMP Traps in Agent ?
Despite configuring the SNMP Trap Processor in opmanager, you might
still not see the alarms based on traps. You might need to check the
SNMP agent configuration on the monitored devices.
Copyright © 2012,
ZOHO Corp. All Rights Reserved.