Evaluation: SNMP Trap to third party tools

celina · Post by **celina** » Wed Nov 20, 2019 2:44 am

Hi :

I am using the evaluation version and checking to see if there's anyway for any breaches the alert can be sent as a SNMP trap to a third party tool. Is there any MIB file that we have to put in our third party tool ? There are other parameters on which I require help. Would it be possible through this forum ? Any help would be appreciated.

KS-Soft · Post by **KS-Soft** » Wed Nov 20, 2019 3:42 am

HostMonitor allows you to send anything you need.
So you should check third party tool - is there some limitations, does it expect some specific OID?

Regards
Alex

celina · Post by **celina** » Wed Nov 20, 2019 4:21 am

Yes. Apart from specific OID, for version 1 we had mentioned Specific Type as *, Enterprise OID as .1.3 along with message varbinds as $*. What is happening that the first trap flows into this third party tool and then subseqent traps are not received. We are checking with our vendor on this.

Also, wanted to verify that all the correct details are sent from Hostmonitor for ODBC query -

Desti Address: IP address (third party tool):port# (1620
Enterprise : %Enterprise%
Trap Type: Enterprise Specific
Specific: 6
MIB OID: .1.3
MIB type: Integer

I might be doing something wrong here. Wanted to validate.

KS-Soft · Post by **KS-Soft** » Wed Nov 20, 2019 7:35 am

What is happening that the first trap flows into this third party tool and then subseqent traps are not received

May be there is no subseqent traps?
What action settings do you use? "Start when", "Repeat" options?
Do you want to send Trap everytime test probe returns Bad status? Just once, when test status changes from Good to Bad?

Also, wanted to verify that all the correct details are sent from Hostmonitor for ODBC query

There is no SQL query in your post.
I assume you may check target database and see that data recorded.

Regards
Alex

celina · Post by **celina** » Thu Nov 21, 2019 6:37 am

I moved to the basics and tried with ping test. Think I figured out the problem for not receiving the subsequent traps. Changed the Repeat times to 5 and then to 'until status changes', it did continuously sent the traps.

The traps which were received by the third party tool doesnt give much of details. Below is the one received for ping down test -

Trap(v1) received from host 10.254.20.115(10.254.20.115) at Nov 21, 2019 5:54 PM. Enterprise Oid : .0.0 (.0.0) , Specific Type : 6, Trap Varbinds :
.0.0 INTEGER 0

wanted to paste a snapshot of the settings here from Hostmonitor but dont know how so here are the details set in SNMP trap action properties:

Dest address: ip address:port# [third party tool]
Agent Address: localhost
Enterprise: %Enterprise%
Trap Type: Enterprise Specific
Specific: 6
MIB OID: %MIBOID%
MIB value: %MibValue%
MIB type: INTEGER

Would be great if some suggestion can be shared in this regard. Thanks.

KS-Soft · Post by **KS-Soft** » Thu Nov 21, 2019 8:07 am

The traps which were received by the third party tool doesnt give much of details.

What exactly details do you need?
This actions sends 1 Trap message with 1 variable, that's it. E.g. you may send text with status of some test or reply value, using %Status% and %Repy% variables.

MIB OID: %MIBOID%
MIB value: %MibValue%

%MibOID% and %MibValue% variables make sense only if you are using these variables for some action assigned to SNMP Trap TEST.
Ping test does not have any %MibOID% or %MibValue%, so its does not make sense using these variables for some action assigned to Ping test.

Could you please explain what exactly do you need?
Do you want to setup SNMP Trap test and then start SNMP Trap action? So HostMonitor will receive SNMP Traps from deviceA and then forward some Traps to another deviceB?

Regards
Alex

celina · Post by **celina** » Fri Nov 22, 2019 3:55 am

Could you please explain what exactly do you need?
- We would like to run a SQL query and based on the threshold breach ["bad"]send a trap to our third party tool

Do you want to setup SNMP Trap test and then start SNMP Trap action? So HostMonitor will receive SNMP Traps from deviceA and then forward some Traps to another deviceB?
- We would like to only send the traps if there's a threshold breach for a SQL query

Hope I am able to answer your queries.

KS-Soft · Post by **KS-Soft** » Fri Nov 22, 2019 5:27 am

Ok, then assign alert profile with SNMP Trap action to ODBC Query test.
If you want to sent some information in this trap message, use MIB Value field (e.g. you may sent ODBC Query test status and reply)

Regards
Alex

celina · Post by **celina** » Fri Nov 22, 2019 7:39 am

Thank you so much for that info. I tried with different macro variables in MIB value filed and it worked. I have another question - hopefully this should be the last one - our third party tool prompts us to enter trap OID while setting up a trap listener which is a mandatory field - which OID can I use ? Any directions / suggestions.

Thanks.

KS-Soft · Post by **KS-Soft** » Fri Nov 22, 2019 9:31 am

which OID can I use ? Any directions / suggestions

Sorry, I don't know what exactly "third party tool" do you use and I have no idea what requirements it has but I assume you can use any OID
(e.g. 1.3.6.1.6.3.1.1.5.3 - linkDown for "bad" action, and 1.3.6.1.6.3.1.1.5.4 - linkUp for "good" action)

If you need to setup just 1 filter related to HostMonitor, I think you can use absolutely anything as OID, just use the same value on HostMonitor and "third party tool" side.
If you need to setup some filter that will react differently on different messages received from different applications, then I would suggest some unique OID (OID that is not used by other applications you setup to send Trap messages)

Regards
Alex