KBI 220020 SNMP Trap Monitor

Version

All

Date

3 Jan 2000

Summary

The SNMP Trap Monitor enables the Argent Guardian to monitor and alert on any SNMP trap it detects.

Technical Background

When configuring the Argent Guardian to monitor these traps read the following.

The Enterprise OID

This is the top-level Group OID, different from the variable OID’s inside the trap message body.

Get this from the Argent Guardian’s OID Browser, or from the device’s documentation, or by generating an actual trap and checking the svc_log.txt file, which shows the Enterprise OID inside this log, for example:

Enterprise Oid=.iso.org.dod.internet.private.enterprises.1130.0.0.0.0.0 (.1.3.6.1.4.1.1130.0.0.0.0.0)

The Variable OID

Variable OID’s may occur in the trap message.

The Variable OID can be found from either the documentation or by checking the svc_log.txt file after a trap has been sent, for example:

.1.3.6.1.4.1.1130.1.4

The Variable Value

This is the Variable OID’s value to monitor. It is important to know the data type, such as Integer, Octet String, etc.

If it is specified incorrectly the Argent Guardian will not operate correctly.

Don’t confuse the Variable OID with the Variable Value.

Enter this information into an SNMP Trap Monitor definition.

Resolution

In Screen G307 enter the Enterprise OID in the Trap Enterprise OID List.

Be careful entering the data and using wildcards.

A common mistake is forgetting to include the preceding period.

In the example above for the Enterprise OID, both .1.3.6.1.4.1.1130.0.0.0.0.0 and .1.3.6.1.4.1.1130.* are valid.

Multiple Enterprise OIDs can be added and they are logically OR’d. Or the enterprise

OID list is left blank which means all enterprise OIDs will match.

Next, enter the type and value into the Trap SNMP Filter box

Multiple Trap SNMP Filters can be added by using an OR logical connector.

Multiple Trap SNMP Filters without an OR connector will be AND’ed.

The specific OID can be selected from the list of SNMP Variable types.

For, the example above to monitor the OID .1.3.6.1.4.1.1130.1.4 for a Integer value of 9 view the following Screenshot.

IF THE TRAP DOES NOT TRIGGER AN ALERT, EXAMINE THE SVC_LOG.TXT.

A LOG IS CREATED FOR ANY TRAP MESSAGE WITH AN ERROR.