Use the Discovery_SNMPTraps Knowledge Script to discover known devices that forward SNMP traps to a NetIQ Trap Receiver server. You can discover devices that generate traps that use SNMP version 1, 2, or 3.
This script creates trap source device objects in the Navigation pane or TreeView for devices that can be polled with SNMP as well as devices that cannot be polled with SNMP. The display name format of all trap source device objects created by this script use the following format:
Trap Source: Device Name [Device IP Address]
For example:
Trap Source: MyRouter [10.22.120.67]
You can specify one or more sets of mappings that pair a device name to an IP address, which enables you to customize how the list of discovered SNMP Traps device objects display in the Navigation pane or TreeView.By default, this script runs once. You can run each iteration of a Discovery_SNMPTraps job on just one NetIQ Trap Receiver server. If you have multiple trap receiver servers, run one Discovery_SNMPTraps job for each Trap Receiver server.
If you delete or add a resource object, or if you make any other kind of change that might affect the monitoring of your devices, run the Discovery_SNMPTraps Knowledge Script again to update your list of resource objects.
Before running the Discovery_SNMPTraps script, configure AppManager Security Manager with the community string and version information for each device you want to monitor. Security Manager entries for SNMP v1 and v2 are optional, but SNMP v3 traps require a Security Manager entry.
If you already use other modules that monitor SNMP traps, such as AppManager for Avaya Communication Manager or AppManager for Network Devices, you can continue to use any existing SNMPTrap Security Manager entries.
The type of Security Manager information you configure varies according to the version of SNMP implemented on the device. AppManager for SNMP supports SNMP versions 1, 2, and 3.
To set up Security Manager for SNMP v1 or SNMP v2 traps, complete the following fields on the Custom tab in Security Manager:
|
Field |
Description |
|---|---|
|
Label |
SNMPTraps This script also supports Security Manager entries labeled SNMPTrap, which is a label used by other modules that you might have already installed, such as AppManager for Avaya Communication Manager or AppManager for Network Device, |
|
Sub-label |
Specify whether the community string is used for a single device or for all devices:
|
|
Value 1 |
Specify the community string for the device or devices. |
|
Value 2 |
Leave this field blank. |
|
Value 3 |
Leave this field blank. |
AppManager for SNMP supports the following modes for SNMP version 3 (SNMP v3):
No authentication; no privacy
Authentication; no privacy
Authentication and privacy
In addition, the module supports the following protocols for SNMP v3:
MD5 (Message-Digest algorithm 5, an authentication protocol)
SHA (Secure Hash Algorithm, an authentication protocol)
DES (Data Encryption Standard, an encryption protocol)
AES (Advanced Encryption Standard, an encryption protocol, 128-bit keys only)
Configure SNMP v3 information for each device monitored by each proxy computer.
If you plan to monitor SNMP v3 traps, install the NetIQ Trap Receiver and the AppManager agent on the same computer to prevent malicious users from gaining secure access to the information in these traps. The Discovery_SNMPTraps script notifies you if an SNMP v3 trap source device’s corresponding NetIQ Trap Receiver IP address does not match the IP address of the AppManager agent monitoring it.
The Discovery_SNMPTraps script does not fully validate SNMP v3 credentials retrieved from Security Manager for a particular device or set of devices, and the script does not notify you if these credentials do not match. As a result, the Discovery_SNMPTraps script might miss some SNMP v3 traps if you do not enter the Security Manager credentials properly.
For SNMP v3 configuration, complete the following fields in the Custom tab of Security Manager for the proxy agent computer.
|
Field |
Description |
|---|---|
|
Label |
SNMPTraps This script also supports Security Manager entries labeled SNMPTrap, which is a label used by other modules that you might have already installed, such as AppManager for Avaya Communication Manager or AppManager for Network Devices. |
|
Sub-label |
Specify the IP address, or enter default for all devices that do not have a specific IP address entry. |
|
Value 1 |
Specify the SNMP user name, or entity, configured for the device. All SNMP v3 modes require an entry in this field. |
|
Value 2 |
Specify the name of the context associated with the user name or entity entered in Value 1. A context is a collection of SNMP information that is accessible by an entity. If possible, enter a context that provides access to all MIBS for a device. If the device does not support context, type an asterisk (*). All SNMP v3 modes require an entry in thisfield. |
|
Value 3 |
Specify the combination of protocol and password appropriate for the SNMP v3 mode you have implemented.
|
Set the Values tab parameters as needed.
|
Description |
How to Set It |
|---|---|
|
General Settings |
|
|
Job Failure Notification |
|
|
Event severity if discovery job fails unexpectedly |
Set the event severity level, from 1 to 40, to reflect the importance when this script fails unexpectedly. The default is 5. |
|
Event Details |
|
|
Event detail format |
Select whether to view event details in an HTML table or in plain text. The default is HTML Table. |
|
Additional Settings |
|
|
Tracing (for advanced users only) |
Note Use the tracing settings in this section only with the help of NetIQ Technical Support. |
|
Raise event with job execution log? |
Select Yes to raise an event when the job execution log is created. The default is unselected. |
|
Logging level |
Select the logging level you want to monitor. The options are Off, Fatal, Error, Warn, Info, Debug, or All. Use these settings only with the help of Technical Support. The default is Warn. |
|
Derive event severity from most severe event log entry? |
Select Yes to calculate the event severity for the Raise event with job execution log parameter based on the most severe event log entry. The default is Yes. |
|
Event severity (if automatic severity computation not selected above) |
If you did not select Yes for the Derive event severity from most severe event log entry parameter, set the event severity level, from 1 to 40, to reflect the importance of the event raised with the creation of the job execution log.The default is 40. |
|
Discover SNMP Trap Devices |
|
|
Raise event if discovery succeeds? |
Select Yes to raise an event when this script successfully discovers devices that forward traps to trap receivers. The default is Yes. |
|
Event severity when discovery succeeds |
Set the event severity level, from 1 to 40, to reflect the importance when this script successfully discovers devices that forward traps to trap receivers. The default is 25. |
|
Raise event if discovery fails? |
Select Yes to raise an event when this script fails to discover devices that forward traps to trap receivers. The default is Yes. |
|
Event severity when discovery fails |
Set the event severity level, from 1 to 40, to reflect the importance when the script fails to discover devices that forward traps to trap receivers. The default is 5. |
|
Update the TreeView object name if the device name changed since the previous discovery? |
Select Yes if you changed the name of a device after initially discovering it, and you want to update the name of the Navigation pane or TreeView object with the new name. The renamed device should have the same IP address, and after the script updates the Navigation pane or TreeView object with the new name, the script monitors the new object and stops monitoring the old object. The default is unselected. If you select No for this parameter, and you change the name of a device after initially discovering it, and then you run discovery again on the device, the script will not create a new Navigation pane or TreeView object. The new name of the device does not display in the Navigation pane or TreeView. |
|
Name of the device to populate in the TreeView |
Specify the name of the device that forwards traps to a trap receiver. Use this parameter and the IP address of the device to populate in the Treeview parameter if you only want to discover one device. If you want to discover multiple devices, use the File containing a list of device name/IP address pairs to populate in the TreeView parameter. This parameter only supports characters allowed in a hostname or fully qualified domain name (FQDN). |
|
IP address of the device to populate in the TreeView |
Specify the IP address for the device you want to monitor. This script does not support the discovery of devices that use IPv6 addresses. |
|
File containing the list of device name/IP address pairs to populate in the TreeView |
Specify the path to a text file containing a list of mappings that pair device names to IP addresses. This script does not support the discovery of devices that use IPv6 addresses. For example: c:\DeviceList.txt In the file, separate each mapping with a comma, no spaces, with each pair on a single line. All mappings must be formatted properly for the job to run successfully.For example: Intuity,10.41.5.30 AvayaOneX,10.41.5.20 Place the file in a location that is accessible by the account under which the NetIQmc service is running on the agent. This script supports UNC shares if the agent’s parent account has authority to access the share. |
|
Trap Receiver IP address |
Specify the IP address for the NetIQ Trap Receiver (NTR) Server. This script does not support IPv6 addresses. The default is localhost. |
|
Trap Receiver TCP port |
Specify the TCP port for the NTR Server. The default is 2735. |