The purpose of this document is to describe how to create SNMP
advertisement
How to create a SNMP trap policy in OMW 8.16 Author: Gino Castoldi The purpose of this document is to describe how to create SNMP trap policies in OMW Background: SNMP requires the snmp agent to be enabled on the managed device. The management system collects SNMP information using two possible ways of communication: ● Management system asks (polls) the SNMP agent for information (get) ● The SNMP agent notifies the management system about some events (traps) All available information is defined by the Management Information Bases (MIBs). The MIB defines the information that is returned and is organized in a structure using object identifiers (OID). The MIBs are accessed using the SNMP protocol. Items to setup on managed devices to enable SNMP ● SNMP needs to be enabled on the managed device ● The SNMP ports that need to be opened UDP/TCP 161 To allow polling of the device (snmpget, snmpwalk) UDP/TCP 162 To allow the forwarding of alerts from the device (traps) ● Network access (routing) needs to be working between the managed device and the management system (bi-directional). ● Managed device is configured to send its traps (alerts) to the management system Items to setup on the Management system to receive SNMP traps ● Enable network access bi-directionally from the managed device to the management system ● SNMP ports to be opened – UDP/TCP 161/162 ● Create, configure and deploy a SNMP trap interceptor policy to the management server 1 ● Add the managed device into the system console as an SNMP type node ● Enable the SNMP Service on the management server ● Disable the SNMP Trap Service on the management server ● ● Execute this command: > ovconfchg -ns eaagt -set SNMP_SESSION_MODE NNM_LIBS Restart the HTTPS Agent: > ovc -start opctrapi This will instruct the trap interceptor process (opctrapi) to open and listen on the SNMP trap port UDP 162 directly ● Run: > ovc –status to confirm that the opctrapi process is up and running How to setup SNMP trap monitoring on the Management system To manage SNMP traps you will need to use a SNMP Interceptor policy 2 The SNMP agent software must be up and running on the managed device. When an error occurs, the device (router, server, etc.) sends an SNMP trap (alert) to a management server. SNMP Traps use port UDP/TCP 162 by default. The MIB is a file which describes the structure of the management data of a device that uses a namespace that contains object identifiers (OID). Each OID identifies a variable that can be read or set via SNMP. Background: SNMP OIDs Are the Leaves on the MIB Tree Structure An SNMP OID (object identifier) is assigned to an individual object within a Management Information Base (MIB). An MIB can be broken down into a tree structure. Within this structure, individual OIDs are representative of the leaves on the tree. More specifically, an OID is a string of numbers readable only to the MIB. Example: The branch of the MIB object identifier tree that represents managed elements used by DPS Telecom equipment. 3 OIDs are crucial in the assembly of SNMP messages. An SNMP OID functions as an address that identifies the location of a specific element within the entire SNMP network. The translation of OIDs allows the management system to determine values for these objects. The MIB assigns readable labels to each OID, which allows the management server to interpret and assemble SNMP messages. Without the OID, the message cannot be translated into a form that is readable. When the SNMP manager requests the value of any object, it assembles a message with the OID, which is sent to the MIB for decoding. If the OID is listed within the MIB at that particular management station, a message is sent back to the manager including the value requested for that particular OID. SNMP traps are identified by the OID and the SNMP interceptor policy needs to have an OID that matches what is being sent so it will be processed by a rule in the policy that has been setup. A MIB reader can list all of the MIB variables (and OID’s) from the MIB file and will aid in listing all of the information about a managed device. There are many free MIB reader tools available. Link to a free MIB Browser utility: http://ireasoning.com/mibbrowser.shtml There are several ways to configure a SNMP trap interceptor policy. 1. There is a tool called mib2policy that converts MIBs into SNMP interceptor policies. The OMW OLH has examples on how this works. Due to problems with the MIBs itself this may not work so your other option is to manually create a SNMP trap interceptor policy. 2. You can manually create your own policy. You start by creating a SNMP policy without any Event Object IDs and then you manually add in each OID. Example of a SNMP Interceptor policy This policy is for HP ProLiant disk drive alerts. This policy was created manually by adding in each OID for each rule. 4 5 These are the OIDs that were entered to create the policy and its rules OID SNMPv2-SMI::enterprises.1.3.6.1.4.1.232 cpqIoDrvWearoutTrap Critical Trap 1.3.6.1.4.1.232.0.172001 cpqIoDrvNonWritableTrap Critical Trap 1.3.6.1.4.1.232.0.172002 cpqIoDrvFlashbackTrap Critical Trap 1.3.6.1.4.1.232.0.172003 cpqIoDrvTempHighTrap Major Trap 1.3.6.1.4.1.232.0.172004 cpqIoDrvTempOkTrap Informational Trap 1.3.6.1.4.1.232.0.172005 cpqIoDrvErrorTrap Critical Trap 1.3.6.1.4.1.232.0.172006 cpqIoDrvPowerlossProtectTrap Major Trap 1.3.6.1.4.1.232.0.172007 After the SNMP policy has been deployed you can send test SNMP traps to confirm that they are working. If not then verify network connectivity between the managed device and the 6 management server. A free Microsoft tool called PortQry can be used on the management server to help troubleshoot network connectivity issues. Link to the PortQry command-line utility: http://support.microsoft.com/kb/310099 To test that the SNMP data is actually coming across and is reaching the management server you can use a utility called Wireshark or a similar free packet analyzer. Link to the Wireshark utility: http://www.wireshark.org/ You also test that the SNMP traps are reaching the management server by creating a rule in the SNMP trap interceptor policy as a catchall using the top level of the OID which will capture any alerts from that managed device if they match just the top level OID itself. It could be possible that some but not all of the traps are being sent or they could be in a different format. You can also send test SNMP traps to verify that your policies are working. There are several free utilities that perform this function. There are TrapGen, Net-SNMP and other programs that also send out test SNMP traps. Net-SNMP link: www.net-snmp.org/ TrapGen link: http://www.wtcs.org/informant/free_snmp_tools.htm OMU/NNM Example: Another method is to use the ovtrap2opc or nnmopcexport.ovpl programs which converts the NNM trapd.conf file into a SNMP policy on an OMU management server. 7 You first load the MIB into NNM, edit the resulting trapd.conf file and then convert and upload the data into an OMU policy using the ovtrap2opc tool. Example: Load the MIB in NNM In ovw, Options -> Load/Unload MIBs: SNMP Loaded MIBs are shown, click "Load" to load a new MIB Navigate to MIB file location, select and click OK Convert trapd.conf if it is provided by using: /opt/OV/bin/OpC/utils/ovtrap2opc trap-file-name template-name application-name Convert standard trapd.conf Copy file: cp /etc/opt/OV/share/conf/C/trapd.conf ~/trapd.conf Edit local file to remove other definitions, leaving the new ones you want Convert it into an OVO template /opt/OV/bin/OpC/utils/ovtrap2opc ~/trapd.conf template-name application-name CAUTION: examine the ASCII template file and look for the following line and remove it unless you want all traps forwarded to the browser FORWARDUNMATCHED ovtrap2opc will ask if the new template should also be uploaded, if not, use opccfgupld to upload later. Decide whether these traps need to be seen in the NNM browser. If not, Options Event Configuration Find EID and select If EID does not exist Edit -> Add -> Enterprise Identification Enter EID name, try to use the official name Enter EID number Double click on specific trap If there are no specific traps Edit -> Add -> Event Enter eventname, trapnamedefault In Event type, select Enterprise Default 8 Change Category to Do not log or Display Ok, Save 9
