SNMP Sender  

Protocol

SNMP

 

 

Description

Send SNMP trap messages to Host on Port (default 162) using Community (default public).

 

 

Comments

SNMP sender supports v1/v2 version traps.

Use port 162 if Port is missing, blank, invalid or less that or equal to zero.

Use "public" if Community is missing or blank.

We are sending SNMP v2.

The common event fields are mapped into specific OID's which are found in the OID mapping table. Otherwise, it will default to the unspecified OID mapping.

Special XML characters are translated according to the XML character translation table.

SysUpTime – should get from system.

Community is string value within the snmp packet. The network managers and agents are set up to "belong" to some of named "group" called community.

Snmp packets always belong to one of those communities and are "noticed" by equipment, which are in the same community.

Most used value is "public", but may be private with internal names. (Also used in authentication).

Currently, we use an XML file for mappings. In future versions an EventGnosis MIB will be compiled and exported for external consumption

 

Example

<destination objectId="SnmpSndr1" type="SNMPSender" stdout="FS.DemoAlive">
	<parameter type="Host">errLogHost</parameter>
	<parameter type="Port">21033</parameter>
	<parameter type="Community">security</parameter>
</destination>
 

Event Mapping 

<?xml version="1.0" encoding="UTF-8"?>
<event xmlns:ev="http://www.eventgnosis.com/">
	<ev:host>Host</ev:host>
	<ev:app>App</ev:app>
	<ev:log>Log</ev:log>
	<ev:msg>2003-11-10 01:25:44.174</ev:msg>
	<ev:count>6</ev:count>
</event>

Parsed and sent fields: 

Address of host: 	192.168.0.7
Trap type:		snmp v2 (ECS always send v2 - spec)
Community: 		public
sysUpTime:		(provided ECS up Time )   

Varbinds: 

OID - .1.3.6.1.4.1.16057.1.2.1 Value:	Host
OID - .1.3.6.1.4.1.16057.1.2.2 Value:	App
OID - .1.3.6.1.4.1.16057.1.2.3 Value:	Log
OID - .1.3.6.1.4.1.16057.1.2.5 Value:	2003-11-10 01:25:44.174
OID - .1.3.6.1.4.1.16057.1.0 Value:	6 (note: not recognized field – OID for unknown used)

Resulting write to host/port: 

{
	IpAddress:	192.168.0.7
	Community:	public
	Trap type:	SNMPv2c
	Variable bindings:
	OID				Type		Value
	1.3.6.1.2.1.1.3.0		Time Tick	00h:00m32.34.s
	1.3.6.1.6.3.1.1.4.1.0		OID		1.3.6.1.4.1.16057
	1.3.6.1.4.1.16057.1.2.1		String		Host
	1.3.6.1.4.1.16057.1.2.2		String		App
	1.3.6.1.4.1.16057.1.2.3		String		Log
	1.3.6.1.4.1.16057.1.2.5		String		2003-11-10 01:25:44.174
	1.3.6.1.4.1.16057.1.0		String		6
}