|
[nv-l] trapd dropping last digit from incoming snmpv2 traps?
2002-10-08 17:08:44
Using: Netview 7.1.2 and AIX 4.3.3
I have seen quite a few posts that hint at this, but am just experiencing the
pain for myself.
I am attempting to catch events generated from a veritas cluster server (VCS).
The VCS
product will only send traps in snmpv2 format.
I formated addtrap lines using the mib2trap command on the vcs.mib file
distributed by Veritas
and modified the result to forward to another NetView server, then ran the
resulting addtrap
commands.
The /usr/OV/conf/C/trapd.conf file contains the following configuration for the
trap I then sent
as a test:
/usr/OV/conf/C/trapd.conf
===============================================================================
clusterGUIUserLoginTrap {1.3.6.1.4.1.1302.3.8.10.2.6} 6 2 A 2 0 "Application
Alert Events"
VCS user has logged in
FORWARD
EVENT_CLASS clusterGUIUserLoginTrap
BEGIN_SLOT_MAPPING
severityId $V1
eventTime $V2
entityName $V3
entityType $V4
entitySubType $V5
entityState $V6
trapOrigin $V7
systemName $V8
systemLocation $V9
entityContainer $V10
entityOwner $V11
message $V12
END_SLOT_MAPPING
SDESC
The VCS GUI user log in.
EDESC
================================================================================
The result of sending that trap displayed the following in the nvevents window.
nvevents
================================================================================
? Trap found with no known format in trapd.conf(4)
Enterprise Veritas-VCS (1.3.6.1.4.1.1302.3.8.10.2) community public
generic trap:6 specific trap:2
Timestamp:35540000 Agentaddr:svcah02 args(10):
[1] private.enterprises.1302.3.8.10.1.15 (Integer): 0
[2] private.enterprises.1302.3.8.10.1.14 (OctetString): Tue Oct 8 16:44:31
2002
[3] private.enterprises.1302.3.8.10.1.4 (OctetString): hostname1
[4] private.enterprises.1302.3.8.10.1.2 (OctetString): VCS
[5] private.enterprises.1302.3.8.10.1.3 (OctetString): user1
[6] private.enterprises.1302.3.8.10.1.8 (OctetString): User has logged into
VCS
[7] private.enterprises.1302.3.8.10.1.1 (OctetString): Veritas_Cluster_Server
[8] private.enterprises.1302.3.8.10.1.6 (OctetString): hostname1
[9] private.enterprises.1302.3.8.10.1.10 (OctetString): BFDBcluster1
[10] private.enterprises.1302.3.8.10.1.9 (OctetString): VCS
SPECIFIC : 2 (hex: 2)
GENERIC : 6
CATEGORY : Status Events
ENTERPRISE : ENTERPRISES 1.3.6.1.4.1.1302.3.8.10.2
SOURCE : Source not known (?)
HOSTNAME : hostname1
SEVERITY : Indeterminate
LOGGEDTIME : 10/08/02 16:43:47
================================================================================
It appears to me that the trapd for NetView is dropping the "6" from the end of
the OID.
It should be 1.3.6.1.4.1.1302.3.8.10.2.6 with a specific of "2".
The VCS cluster is sending the correct trap info as seen below. I basically
used snmptrapd -P from the Net-SNMP
open source package to verify the following:
Output from Net-SNMP snmptrapd -P
================================================================================
2002-10-08 16:48:43 2002-10-08 16:48:43 NET-SNMP version 5.0.5 Started.
2002-10-08 16:48:51 2002-10-08 16:48:51 svcah02 [192.168.22.114]:
SNMPv2-MIB::sysUpTime.0 = Timeticks: (35580000) 4 days, 2:50:00.00
SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.1302.3.8.10.2.6.2
SNMPv2-SMI::enterprises.1302.3.8.10.1.15 = INTEGER: 0
SNMPv2-SMI::enterprises.1302.3.8.10.1.14 = STRING: "Tue Oct 8 16:49:34 2002."
SNMPv2-SMI::enterprises.1302.3.8.10.1.4 = STRING: "hostname1"
SNMPv2-SMI::enterprises.1302.3.8.10.1.2 = STRING: "VCS"
SNMPv2-SMI::enterprises.1302.3.8.10.1.3 = STRING: "user1"
SNMPv2-SMI::enterprises.1302.3.8.10.1.8 = STRING: "User has logged into VCS"
SNMPv2-SMI::enterprises.1302.3.8.10.1.1 = STRING: "Veritas_Cluster_Server"
SNMPv2-SMI::enterprises.1302.3.8.10.1.6 = STRING: "hostname1"
SNMPv2-SMI::enterprises.1302.3.8.10.1.10 = STRING: "BFDBcluster1"
SNMPv2-SMI::enterprises.1302.3.8.10.1.9 = STRING: "VCS"
SNMPv2-MIB::sysUpTime.0 4:2:50:00.00
4:2:50:00.00
SNMPv2-MIB::snmpTrapOID.0 SNMPv2-SMI::enterprises.1302.3.8.10.2.6.2
SNMPv2-SMI::enterprises.1302.3.8.10.2.6.2
SNMPv2-SMI::enterprises.1302.3.8.10.1.15 0
0
SNMPv2-SMI::enterprises.1302.3.8.10.1.14 "Tue Oct 8 16:49:34 2002."
"Tue Oct 8 16:49:34 2002."
SNMPv2-SMI::enterprises.1302.3.8.10.1.4 "hostname1"
"hostname1"
SNMPv2-SMI::enterprises.1302.3.8.10.1.2 "VCS"
"VCS"
SNMPv2-SMI::enterprises.1302.3.8.10.1.3 "user1"
"user1"
SNMPv2-SMI::enterprises.1302.3.8.10.1.8 "User has logged into VCS"
"User has logged into VCS"
SNMPv2-SMI::enterprises.1302.3.8.10.1.1 "Veritas_Cluster_Server"
"Veritas_Cluster_Server"
SNMPv2-SMI::enterprises.1302.3.8.10.1.6 "hostname1"
"hostname1"
SNMPv2-SMI::enterprises.1302.3.8.10.1.10 "BFDBcluster1"
"BFDBcluster1"
SNMPv2-SMI::enterprises.1302.3.8.10.1.9 "VCS"
"VCS"
=====================================================================================
This isn't the only case where I have had this problem. We also use an IBM
3584 which is connected to our network and has the
ability to send snmpv2 events to a console. After I loaded its mib information
(which I did by hand through the xnmtrap gui), I
experienced the same result, though I haven't the output to show right now.
Am I loading these traps incorrectly? I have noticed a few other posts with
similar problems, but no one really stating that there
was a resolution.
Regards,
Jerald Jackson
|
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [nv-l] trapd dropping last digit from incoming snmpv2 traps?,
Jerald Jackson <=
|
|
|
