RE: [nv-l] snmp trap

James, what i receive from the firewall server is 1.3.6.1.4.1.2620.1.1.
specific 0
but the output script from the mib vendor tell me another thing
:1.3.6.1.6.3.1.1.5

see file 1 (firewall.trap)

i was thinking that when we add some trap whatever i received from the
firewall server will be format correctly, 
but it seem that i must manuelly add trap
i tried to addtrap with this number 1.3.6.1.4.1.2620.1.1...

i'm gonna try to format correctly one, if you have other advice, please let
me know

thank again
Dom



-----Message d'origine-----
De : James Shanks [mailto:jshanks AT us.ibm DOT com]
Envoyé : 4 avril, 2002 11:38
À : D'Apice, Dominic; nv-l AT lists.tivoli DOT com
Objet : Re: [nv-l] snmp trap


Dominic -

I am sorry to say that just because you format a trap using the vendor's 
MIB does not mean that the information in it is clear or obvious.
Trapd is formatting the trap according to what he was told in trapd.conf.
If you use xnmtrap and go find the definition for this trap you will see 
that.

What trap is it?  It is specific trap 0 from enterprise
1.3.6.1.4.1.2620.1.1.   Given the usual ordering of these things, that is
probably coldstart, 
but you can verify this with xnmtrap.  You can also change the wording of 
what is displayed when this trap is received by changing the Log message 
for that trap.  The man page on trapd,conf will help you understand the 
variables, I hope.

James Shanks
Level 3 Support  for Tivoli NetView for UNIX and NT
Tivoli Software / IBM Software Group
 





"D'Apice, Dominic" <D.D'Apice AT SAQ.qc DOT ca>
04/04/2002 10:55 AM

 
        To:     nv-l AT lists.tivoli DOT com
        cc: 
        Subject:        [nv-l] snmp trap

 

Hello, aix4.3.3, NV7.1

I just add some new snmp trap for firewall checkpoint.
 the output is a scripts with the 6 specific trap 
(coldstart,warmstart...).
but when i receive firewall snmp trap i have this king of trap

Can someone tell me what this snmptrap mean ? it is one of the regular
specific trap "0" like "coldstart" ? or is a other one...???

---------------------------------------------
Thu Apr 04 10:20:58 2002 sxpcmc0001.saq. ? Enterprise specific trap (0) 
from
ENTERPRISES: args(1):
 [1] private.enterprises.2620.1.1.11.0 (OctetString):  4Apr2002 10:20:47
drop   SAQ1_EXT   >eth-s1p1c0 snmptrap proto udp src MERLOT_COURRIER_INT 
dst
172.20.29.60 service netbios-ns s_port netbios-ns len 78 rule 18 xlatesrc
MERLOT_COURRIER_INT xlatedst 172.20.29.60 xlatesport netbios-ns xlatedport
netbios-ns
 community:public enterprise:1.3.6.1.4.1.2620.1.1
 AgentAddr:sxpcmc0001.saq.qc.ca generic-trap:6 time:0

SPECIFIC   : 0 (hex: 0)
GENERIC    : 6
CATEGORY   : Status Events
ENTERPRISE : ENTERPRISES  1.3.6.1.4.1.2620.1.1
SOURCE     : Source not known (?)
HOSTNAME   : sxpcmc0001.saq.qc.ca
SEVERITY   : Indeterminate
LOGGEDTIME : 04/04/02 10:20:58
-----------------------------------------

thank
> Dominic D'Apice
> * D.D'Apice AT saq.qc DOT ca
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: nv-l-unsubscribe AT lists.tivoli DOT com
For additional commands, e-mail: nv-l-help AT lists.tivoli DOT com

*NOTE*
This is not an Offical Tivoli Support forum. If you need immediate
assistance from Tivoli please call the IBM Tivoli Software Group
help line at 1-800-TIVOLI8(848-6548)
firewall.trap
Description: Binary data
Itry.jpg
Description: JPEG image
MIBdone.jpg
Description: JPEG image