11.27 SNMPTrap

Use this Knowledge Script to send an SNMP trap message with AppManager event information to a specified list of computers. Each computer you specify must be able to receive SNMP trap messages on UDP port 162.

If you do not specify a value for any of the parameters, this Knowledge Script uses the corresponding value found in the registry under: HKEY_LOCAL_MACHINE\Software\NetIQ\AppManager\4.0\NetIQmc\SNMPTRAP\Config.

For example, if you do not specify an object identifier in the OID field, the Knowledge Script checks the registry for the OID key entry: OID: REG_SZ: 1.3.6.1.4.1.1691.1.

By default, the event information includes the computer name of the managed client and the event severity. You can select additional information to include by enabling the appropriate parameters.

You can also specify a custom message to forward.

This script raises an event if you select the custom message format but neglect to enter any text for the custom message body. Under these circumstances, the script continues to execute and uses the standard message format.

11.27.1 Setting Parameter Values

Set the following parameters as needed:

Parameter

How to Set It

Event Notification

Event severity -- Action warning

Set the event severity level, from 1 to 40, to indicate the importance of an event in which the SNMPTrap job returns a warning. The default is 35 (magenta event indicator).

Event severity -- Action failure

Set the event severity level, from 1 to 40, to indicate the importance of an event in which the SNMPTrap job fails. The default is 5 (red event indicator).

Severity Configuration

Minimum event severity for Action

Set the minimum severity level, from 1 to 40, for an event that triggers this Action. The default is 1.

Maximum event severity for Action

Set the maximum severity level, from 1 to 40, for an event that triggers this Action. The default is 40.

Action

List of computers to receive SNMP message

Provide the name of the computer to receive the recipient of the SNMP trap message. The recipient computer must be able to receive SNMP traps on UDP Port 162.

To specify multiple recipients, separate computer names with commas. For example, Nancy01,10.41.40.16,finance03.us.netiq.corp.

Community string

Provide a valid SNMP community string. Leave this parameter blank to use the SNMP community string entered in AppManager Security Manager. The default is public.

Destination port

Provide the number of the port where you want the trap sent. The default is 162.

Object identifier

Provide an object identifier in OID notation (for example, 1.2.3.456.78). The default is the NetIQ enterprise OID, 1.3.6.1.4.1.1691.

Specific trap number

Specify a trap number. The trap number can be specific to your application. The default is 1.

Message format

Select the format you want to use for the message sent by this script:

  • Standard format generates a message based upon the selections you make from the Standard message options parameters.

  • Custom format generates a message based upon the subject and message body you supply in the Custom message options parameters.

The default is Standard.

Standard Message Options

Include JobID?

Select Yes to include the job ID in the standard message. The default is unselected.

Include agent computer name?

Select Yes to include the name of the agent computer in the standard message (the computer hosting the agent that initiated the Action). The default is Yes.

Include event severity?

Select Yes to include the severity of the event in the standard message. The default is Yes.

Include Knowledge Script name?

Select Yes to include the Knowledge Script name in the standard message (the Knowledge Script that initiated the Action). The default is unselected.

Include AppManager object name?

Select Yes to include the AppManager resource object name in the standard message (the AppManager resource object where the event was raised). The default is unselected.

Include AppManager event ID (only on MS Action)?

Select Yes to include the AppManager event ID in the standard message (possible only in cases when the Action is carried out by the management server). The default is unselected.

Include event detail message?

Select Yes to include the event detail message. The default is unselected.

Custom Message Options

Custom message (can include substitutions)

Provide the text to include in your custom message. Enter the custom message text without quotes. Use the following keywords to indicate the information to include in the message:

  • $ShortMsg$ (the short event message)

  • $DetailMsg$ (the detailed event message)

  • $Time$ (the date and time of the event)

  • $JobID$ (the ID of the job that raised the event)

  • $MachineName$ (the name of the computer where the event was raised)

  • $Severity$ (the severity of the event)

  • $KSName$ (the name of the Knowledge Script that raised the event)

  • $ObjectName$ (the name of the AppManager resource object where the event was raised)

  • $EventID$ (the event ID)

For $ShortMsg$ and $DetailMsg$ you can use number and wildcard options to indicate specific portions of the text string to include. For example:

  • $DetailMsg$[5] includes the fifth word of the detailed event message

  • $ShortMsg$[1-5] includes the first through fifth words of the short message event

  • $DetailMsg$[*5] includes the first through fifth words of the detailed event message

  • $ShortMsg$[5*] includes the fifth through last words of the short event message

If you do not enter a word specifier, AppManager returns the entire string.

The following are examples of the types of messages you can construct using these keywords:

  • Event from $MachineName$: The $ShortMsg$[1-3] has failed. The last command was $DetailMsg$[4*].

  • A severity $Severity$ event has occurred! Call the owner of $MachineName$ immediately!