[hobbit] SNMP Trapping Question - What is Best Tool for the Job?

wiskbroom at hotmail.com wiskbroom at hotmail.com
Tue Jun 22 14:35:26 CEST 2010



> On Monday, 21 June 2010 16:54:10 wiskbroom at hotmail.com wrote:
>>> On Monday, 21 June 2010 13:55:53 wiskbroom at hotmail.com wrote:
>>>> Hello;
>>>>
>>>> I've gotten devmon to work on my current Xymon setup; the only drawback
>>>> in my opinion is lack of device support in devmon.
>>>
>>> Templates are created for devices people have access to, who are willing
>>> to do some work to create a template. I try and add all templates that
>>> are submitted.
>>>
>>> Even if devmon had MIB support, templates would still be required to a
>>> degree. Feel free to assist in improving devmon.
>>
>> I will try, but have found the task of creating MIBs a daunting one. Yes, I
>> want to use someone elses MIB's for my devices.
>
> You shouldn't need to create MIBs, they shouldbe provided by the device
> vendor. However, while the MIBs contain a lot of information, they don't tell
> you what data to present to the user ... so even with MIB support, there would
> still be a bit of work (e.g., the message file would have to stay). I would
> like to look at removing the need for the 'oids' file though (by MIB support).

Any suggestions how I might be able to easily transform a MIB into a devmon template?

>>>> I'd like to roll-out
>>>> something else that would allow me to receive SNMP traps from a device,
>>>> and send out alerts via Xymon.
>>>
>>> I need to implement some trap support. The snmptrapd->snmptt->sec->xymon
>>> method (at http://cerebro.victoriacollege.edu/hobbit-trap.html) is a bit
>>> heavy for my current environment.
>>>
>>> I have been wondering if a dedicated perl script using
>>> NetSNMP::TrapReceiver (IOW, running inside snmptrapd) reporting directly
>>> to Xymon would be better. However, the question is, exactly how should it
>>> behave? How should traps be mapped to tests (all traps to a single 'trap'
>>> test, or to individual tests, and how)? Should traps be stored to a
>>> database as well (so they can be ACK'ed etc.)?
>>
>> I wish I could help here, and agree that the
>> "snmptrapd->snmptt->sec->xymon" is a bit conplicated, especially with SEC,
>> but probably the most powerful design I've seen yet. The problem I see
>> here is the ability to create SEC rules for alerting and properly testing
>> them.
>
> Ideally, alerting should be handled the same as for other xymon events.

Perhaps a SEC/REGEX editor?  I don't know of any, but I am sure they exists in php-format somewhere.

>>>> I'd also like to be able to use
>>>> WeatherMap, and of course want to make the three of these work together
>>>> as seamlessly as possible.
>>>
>>> While I would like to improve Weathermap (to require less manual work in
>>> creating map configurations), it works well enough for me
>>>
>>> http://staff.telkomsa.net/~bgmilne/xymon/
>>>
>>> Have you run into problems with it?
>>
>> I love the weathermap feature (thank you) and is why I want to keep it. The
>> only issue I have with the present weathermap feature for xymon/devmon is
>> that the weathermap GUI-editor is not implemented.
>
> Do your network devices have CDP support? I have a cdp test that works on a
> number of devices here, and I may consider pulling that info in to the
> weathermap script, so you don't have to manually create connections between
> devices ...

Yes, my devices have CDP enabled, at least those not on a "insecure" network.  Is CDP info attainable via SNMP?  Or would your work require using ssh with expect, or similar?

.vp


 		 	   		  


More information about the Xymon mailing list