Protocol |
SNMP | ||||||||||||||
|
| ||||||||||||||
Description |
Receive SNMP traps on Port (default 162) using network interface Host. | ||||||||||||||
|
| ||||||||||||||
Comments |
Use port 162 if Port is missing, blank, invalid or less that or equal to zero. If Host blank, missing or invalid, use [hostname]. SNMP Object ID (OID)'s are left in numeric dot notation. SNMP receiver supports v1/v2 version traps.
Special XML characters are translated according to the XML character translation table. |
<source objectId="SnmpRecv1" type="SNMPReceiver" stdout="FS.DemoAlive"> <parameter type="Port">162</parameter> <parameter type="Host">eventgnosis</parameter> </source>
Incoming SNMP v1 Trap
{ Received SNMPv1 trap: Community: public Enterprise OID: .1.3.6.1.4.1.16057 IP Address: 192.168.0.1 Generic: enterpriseSpecific Specific: 1 TimeStamp: 2967 hours 48 minutes 50 seconds .1.3.6.1.4.1.16057.1.2.4: Test message from SNMP Trap .1.3.6.1.4.1.16057.1.2.4: the second Test message from the same SNMP Trap }
Resulting XML:
<?xml version="1.0"?> <event xmlns:ev="http://www.eventgnosis.com/xml"> <ev:host>192.168.0.1</ev:host> <ev:app>SNMP</ev:app> <ev:log>192.168.0.1/public:162</ev:log> <ev:srctime>2003.11.09 22:23:52 CET</ev:srctime> <ev:protocol>SNMP v1</ev:protocol> <ev:snmp.community>public</ev:snmp.community> <ev:snmp.enterpriseOID>.1.3.6.1.4.1.16057</ev:snmp.enterpriseOID> <ev:snmp.generic>enterpriseSpecific</ev:snmp.generic> <ev:snmp.specific>1</ev:snmp.specific> <ev:snmp.timestamp>1970.01.13 09:46:53 CET</ev:snmp.timestamp> <ev:snmp..1.3.6.1.4.1.16057.1.2.4>Test message from SNMP Trap</ev:snmp..1.3.6.1.4.1.16057.1.2.4> <ev:snmp..1.3.6.1.4.1.16057.1.2.4>the second Test message from the same SNMP Trap</ev:snmp..1.3.6.1.4.1.16057.1.2.4> <ev:msg> Test message from SNMP Trap the second Test message from the same SNMP Trap</ev:msg> </event>
Incoming SNMP v2 Trap:
{ Received SNMPv2 trap from 192.168.0.1 Community: public sysUpTime.0: 2967 hours 48 minutes 50 seconds snmpTrapOID.0: .1.3.6.1.4.1.16057.0.1 .1.3.6.1.4.1.16057.1.2.4:Trap version v2 .1.3.6.1.4.1.16057.1.2.4: the second Test message from the same SNMP Trap .1.3.6.1.4.1.16057.1.2.4: the third Test message from the same SNMP Trap }
Resulting XML:
<?xml version="1.0"?> <event xmlns:ev="http://www.eventgnosis.com/xml"> <ev:host>192.168.0.1</ev:host> <ev:app>SNMP</ev:app> <ev:log>192.168.0.1/public:162</ev:log> <ev:srctime>2003.11.09 22:23:55 CET</ev:srctime> <ev:protocol>SNMP v2</ev:protocol> <ev:snmp.community>public</ev:snmp.community> <ev:snmp.sysUpTime.0>2967 hours 48 minutes 50 seconds</ev:snmp.sysUpTime.0> <ev:snmp.snmpTrapOID.0>.1.3.6.1.4.1.16057.0.1</ev:snmp.snmpTrapOID.0> <ev:snmp..1.3.6.1.4.1.16057.1.2.4>Trap version v2</ev:snmp..1.3.6.1.4.1.16057.1.2.4> <ev:snmp..1.3.6.1.4.1.16057.1.2.4>the second Test message from the same SNMP Trap</ev:snmp..1.3.6.1.4.1.16057.1.2.4> <ev:snmp..1.3.6.1.4.1.16057.1.2.4>the third Test message from the same SNMP Trap</ev:snmp..1.3.6.1.4.1.16057.1.2.4> <ev:msg> Trap version v2 the second Test message from the same SNMP Trap the third Test message from the same SNMP Trap</ev:msg> </event>
Name |
Value |
Description |
coldStart |
0 |
The sending protocol entity is reinitializing itself such that the agent's configuration or the protocol entity implementation may be altered. |
warmStart |
1 |
The sending protocol entity is reinitializing itself such that neither
the agent configuration nor the |
linkDown |
2 |
The sending protocol entity recognizes a failure in one of the communication
links represented in the |
linkUp |
3 |
The sending protocol entity recognizes that one of the communication
links represented in the agent's |
authenticationFailure |
4 |
The sending protocol entity is the addressee of a protocol message that
is not properly authenticated. While implementations of the SNMP
must be capable of generating this trap, |
egpNeighborLoss |
5 |
An EGP neighbor for whom the sending protocol entity was an EGP peer has been marked down and the peer relationship no longer obtains. |
enterpriseSpecific |
6 |
Trap specific to local enterprise. |