User Tools
Writing /app/www/public/data/meta/onboarding/snmpmanager/demonstration_of_ignore_trap_functionality.meta failed
onboarding:snmpmanager:demonstration_of_ignore_trap_functionality
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| onboarding:snmpmanager:demonstration_of_ignore_trap_functionality [2017/10/23 16:42] – [Temporary fix for rule with blank IP's] pmurphy | onboarding:snmpmanager:demonstration_of_ignore_trap_functionality [2021/06/25 10:09] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ====== Ignore Trap====== | ||
| + | Author: Eoin Joy\\ \\ | ||
| + | The ignore trap functionality is used to completely disregard traps based on their sending IP address, specific snmp oid, or both. This is useful when the system is flooded with unwanted traps such as heartbeats that we don’t want to process, and when an address is sending maybe some garbled traps that cause problems when processed.\\ | ||
| + | The IgnoreTrap list is the first thing a trap is compared to in its processing by the distributor. | ||
| + | ===== The IgnoreTrap domain ===== | ||
| + | **trapOid** – A regex to match the specific SNMP OID of the trap you wish to ignore.\\ | ||
| + | **ipAddress** – A regex to match the originating IP address of the trap you wish to ignore.\\ | ||
| + | **active** – A String “YES” or “NO” determining whether this IgnoreTrap is in effect.\\ | ||
| + | **description** – A String as description. | ||
| + | ===== Creating a new IgnoreTrap ===== | ||
| + | * Check your regexes against recent traps in the trap table to determine that you will only be blocking traps that you wish to block | ||
| + | * Create your IgnoreTrap either through the controller or database but make sure it is set to be active = “NO” | ||
| + | * Get to the update page for this new IgnoreTrap entry on the distributor instance of the Snmp Manager (using / | ||
| + | * Update this new entry to be active = “YES” on the distributor instance | ||
| + | * Note: The above two steps are tricky to get right. Try following these steps: | ||
| + | * Open up an incognito tab and go to the relevant load balancer. For example, if you're doing this on ExteNet QA, you would go to https:// | ||
| + | * Log in as admin, n*** | ||
| + | * Once you're logged in, press the back button, but DO NOT log in again | ||
| + | * Right click on that window tab, hit duplicate. You want to duplicate the page and keep the original one just for safekeeping | ||
| + | * On the duplicate tab, copy and paste ignoreTrap/ | ||
| + | * If you go to the url you created above, it should take you to the ignoreTrap entry on the load balancer. Make the edit like normal, setting active = YES. | ||
| + | * You should see the following in the distributor logs - Traps' Ignore List was reset | ||
| + | * You can test if your ignoreTrap is working properly by resending the trap while tailing the distributor logs. You can use tail -f SnmpManager.log | grep " | ||
| + | ===== Temporary fix for rule with blank IP's - resolved by IDMS 2251 (IDMS 3.4)===== | ||
| + | If IP Address is blank the trap ignore rule will not work, IP Address field needs to be populated - see example below | ||
| + | |||
| + | IP Address: 10.* | ||
| + | |||
Page Tools
