Hi John,
I think I was able to make this work using
the “word” trap attribute 3.2 but I like where you are going.
More specifically, I’m trying to ID
sites that are dialed in (so our cust svc dept can notify them of this) Each
site has a unique PPP ID and if I could parse that out of the 5350 trap, it
would be nice. Also, I must know when the dial session ends (which I think
might be harder to figure from this technique) I tested my other ruleset quite
a bit this weekend (looking for intfc “Async1” up/down traps) and
it worked very well.
Thanks for your input,
Glen
From: owner-nv-l AT lists.us.ibm DOT com [mailto:owner-nv-l AT lists.us.ibm DOT com] On Behalf Of John M Gatrell
Sent: Monday, April 10, 2006 9:10
AM
To: nv-l AT lists.us.ibm DOT com
Subject: Re: [nv-l] struggle for
best approach
I think you need to make clear what info you are after
and for what purpose.
Are
you after an audit trail, a debug trail, statistics?
For
example it is possible to get the dialin usernames and phone numbers from a
Cisco AS5350
You
just observe that the numbers go to the Cisco log buffer, and then configure
the Cisco with
'snmp-server
enable traps syslog' to convert the log to traps.
I
would use the following approach (not knowing your requirements):-
Use
NetView for monitoring if the AS5350 was working properly.
Get
statistics on number of simultaneous users, say once a month, directly from
show commands on the router.
Use
a RADIUS server to validate dialin users.
Use
the Cisco 'aaa accounting' commands to log usernames and success/failed
dialin's to the RADIUS server.
John
Gatrell
