Just checking - Have you setup trap filter to fireup the alarm?
I am sure you've already checked that the WUG has MIB compiled in it.
On Sat, Oct 1, 2011 at 2:36 AM, Joe Astorino <joeastorino1982_at_gmail.com>wrote:
> Does anybody use a NMS solution to capture SNMP trap information and then
> fire off some sort of alert (paging, email, text, etc)? I have an existing
> setup using What's Up Gold that I have configured to listen for traps. I
> have some Cisco switches with port-security configured. My port-security
> violation is the default action of shutdown, which does not fire off an
> SNMP
> trap, but I do have the switch configured to send an snmp trap for
> errdisable.
>
> This works, and when the switch has a port that goes errdisabled it sends
> the trap to the NMS. However, the NMS doesn't seem to parse the OID into
> anything useful for something like an alert. Below is the trap that is
> received by the NMS. The proper MIB containing these traps is loaded on
> the
> NMS. I was under the impression that the NMS could perhaps parse this trap
> information and tell me something like "Interface Gi4/0/10 went errdisable
> due to a port-security violation" All that information is indeed in the
> trap, but it is all encoded as OIDs
>
> For example, the trap "cErrDisableIfStatusCause.11610.0=9" has exactly what
> I need. In this case the interface index ID that went down is indeed
> 11610. If you dig into the MIB you can see that cErrDisableIfStatusCause 9
> is for a port-security violation. I'm thinking there has to be a way to
> take this trap information and make it into something useful to fire out as
> an alert to people. Thanks!
>
> TrapName=cErrDisableInterfaceEvent
> TrapMajor=6
> TrapMinor=1
> CommunityName=T3chn0lOgy123
> cErrDisableIfStatusCause.11610.0=9
> Packet Type=SNMPv2 Trap
> 1.3.6.1.2.1.1.3.0=61days 05:28:52.12
> 1.3.6.1.6.3.1.1.4.1.0=1.3.6.1.4.1.9.9.548.0.1.1
> Protocol Version=SNMPv2
> snmpTrapOID.0=1.3.6.1.4.1.9.9.548.0.1.1 (cErrDisableInterfaceEvent)
> Timetick=61days 05:28:52.12
> 1.3.6.1.4.1.9.9.548.1.3.1.1.2.11610.0=9
> Object=1.3.6.1.4.1.9.9.548.0.1 (cErrDisableNotificationsPrefix)
> sysUpTimeInstance=61days 05:28:52.12
>
> --
> Regards,
>
> Joe Astorino
> CCIE #24347
> Blog: http://astorinonetworks.com
>
> "He not busy being born is busy dying" - Dylan
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Sun Oct 02 2011 - 22:37:43 ART
This archive was generated by hypermail 2.2.0 : Tue Nov 15 2011 - 13:10:29 ART