MARS SNMP alerts

Similar Messages

• SNMP Alert Destinations

  How does an SNMP alert destination configured within OSB actually submit its traps?
  For instance, I have an SNMP alert destination configured within OSB named "Dev", with SNMP trap enabled, and reporting/email/JMS disabled.
  I have services with SLA rules that are firing, and are generating SLA alerts, and are using this alert destination.
  In the underlying Weblogic domain, I have an SNMP Server Agent name "Dev" which points to the actual IP of the SNMP monitoring tool which receives the alerts, and the WL servers are generating alerts successfully for Weblogic - specific events, such as startup, shutdown, etc.
  But as yet, we don't see any of the OSB traps arriving. Presumably, the name of the Alert destination defined within OSB must match the name of the WL agent ( although the OSB docs are silent on this ).
  So I see SLA alerts in the console, but no sign of any SNMP traps being emitted as a result of the alert.

  But as yet, we don't see any of the OSB traps arriving. Presumably, the name of the Alert destination defined within OSB must match the name of the WL agent ( although the OSB docs are silent on this ).Not required.
  I have configured SNMP traps with OSB in Single Node and Cluster. If you are using unixes, you might want to check the ports being used. Unless we are under root we cannot use ports 0-1023 and this might be the problem.
  Thanks
  Manoj

• Unable to set up SNMP alerts

  I'm trying to set up SNMP alerts in WL 8.1 and in the server log I see the following:
  ##<Apr 15, 2005 11:01:20 AM EDT> <Error> <SNMP Agent> <aan1> <dra> <SNMP Service Thread> <<WLS Kernel>> <> <000000> <There are multiple instances of SNMPAgentMBean ... This is an improper configuration>
  ####<Apr 15, 2005 11:01:20 AM EDT> <Error> <SNMP Agent> <aan1> <dra> <SNMP Service Thread> <<WLS Kernel>> <> <000000> <SNMP Agent will not be activated ... >
  I don't see anything that looks funny in the config.xml and don't know how multiple instances of that bean could be created. Does anyone have any experience with this that might help?
  Thanks in advance!
  Sue Shanabrook

  Hello sue,
  Take a look at your config.xml, maybe the SNMPAgentMBean's Name is not the same as the domain name, it should be the same.
  thanks,
  -satya

• Snmp alerts for CPU utilization

  Hi,
  I want to enable snmp alerts on l2 and l3 switches to monitor CPU utilization.
  I have Opmanager which is acting as SNMP server.
  I have switches L2 and L3 which are running IOS 12.0, 12.1, 12.2
  Do all these IOS versions support SNMP alerts?
  And also I want to know the commands to be configured on switches for this.
  Regards
  skrao

  You can configure SNMP traps for CPU Thresholding Notification.
  http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455772.html
  You should be ok with the versions you list but check exact IOS version supports it at http://www.cisco.com/go/fn
  If you do not want to use traps then there are specific oids that can be polled for 1minute average (1.3.6.1.4.1.9.2.1.57) and also 5 minute average (1.3.6.1.4.1.9.2.1.58). I've used these in the past with no problems. These oids may have been superceeded so check for latest. You can always snmpwalk a device to check oids.
  The cisco SNMP navigator is helpful when it comes to oids.
  http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en
  If you haven't got any SNMP configured yet on the switch check out http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Network%20Management&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddb4e54
  HTH
  --Phil

• Need more info in snmp alerts

  Hello all: Here is a typical snmp message I receive:
  ================================================== =========
  The following alarm has occurred:
  Alarm generator : SNMP
  Alarm Category : CPQHLTH-MIB
  Alarm type : Fan Degraded ( 6035 )
  Alarm time : Tue Jul 24 10:29:44 EDT 2007
  Summary : The Fan Degraded on Chassis 0 ,
  Fan 2 .
  ================================================== =========
  A SNMP alarm has been generated by a device on the GR
  subnet.
  As you can, there is not much information. I really need to
  know the server which generated the error. How can I setup
  ZfS7 to do this??
  Thanks a bunch for the help, Chris.

  Yes, that is what I am looking for. THANKS VERY MUCH.
  >>> On 7/30/2007 at 8:07 PM, in message
  <[email protected]>, Steven
  Lim<s.lim_nospam@4me_curtin.edu.au> wrote:
  > Have a look in the autoexec.ncf and see if you can see
  > sys:\system\nma\nma5.ncf
  >
  > It loads
  > LOAD FLEXTRAP
  > LOAD NDPSMIB
  > LOAD NTREND
  > LOAD HOSTMIB
  > LOAD NWTRAP
  > LOAD SERVINST
  > LOAD NDSINST
  > LOAD NDSTRAP
  > LOAD MPKAGENT
  > LOAD MONDATA
  > LOAD NSSMIB
  > LOAD NWTRPAGT
  > LOAD DSTRPAGT
  >
  > but you must be loading them otherwise you wouldn't be
  > gettting anything
  > anyway.
  >
  > How do you receive the SNMP alert..via email? if so then
  > it's probably just
  > your rules for your site. Get properties of your site
  > server in the ZFS
  > namespace of ConsoleOne. This will open the ZFS MMS
  > snapins. Go to the Rules
  > pagetab. Edit the rule\s that send you the email.
  >
  > I use the following in the body of the message to show
  > me the information
  > that i want
  >
  > %-h [%n]%s
  >
  > have a look in the help to see what other options are
  > there but the one that
  > you want is %n which is the affected object\server.
  >
  > For the subject i use
  >
  > [%n] %t
  >
  > the square braces don't mean anything....i just use
  > those the encase the
  > server name.
  >
  > I've also renamed all my server objects in the atlas to
  > be just the common
  > name. It makes it all nice and short.
  >
  > hope that helps
  > "Chris Mosentine" <cmosentine@N0_$pam.vrapc.com> wrote in
  > message
  > news:46ADB66E.08CB.0032.0@N0_$pam.vrapc.com...
  >> How can I tell if I am running the NMA's. I am not all
  > that
  >> familiar with zfs.
  >>
  >> The servers are listed in the atlas.
  >>
  >> Thanks for the help, Chris.
  >>
  >>
  >>
  >>>>> On 7/26/2007 at 1:49 AM, in message
  >> <[email protected]>,
  Steven
  >> Lim<s.lim_nospam@4me_curtin.edu.au> wrote:
  >>> Is the server running ZFS NMAs?
  >>> Can you find it in the Atlas? That's where ZFS
  >>> monitoring gets the name from
  >>>
  >>> "Chris Mosentine" <cmosentine@N0_$pam.vrapc.com> wrote
  in
  >>
  >>> message
  >>> news:46A5DB58.08CB.0032.0@N0_$pam.vrapc.com...
  >>>> Hello all: Here is a typical snmp message I receive:
  >>>>
  >>>>
  >>>
  > ================================================== =======
  >>> ==
  >>>> The following alarm has occurred:
  >>>>
  >>>> Alarm generator : SNMP
  >>>> Alarm Category : CPQHLTH-MIB
  >>>> Alarm type : Fan Degraded ( 6035 )
  >>>> Alarm time : Tue Jul 24 10:29:44 EDT 2007
  >>>> Summary : The Fan Degraded on Chassis
  0
  >>
  >>> ,
  >>>> Fan 2 .
  >>>>
  >>>
  > ================================================== =======
  >>> ==
  >>>>
  >>>>
  >>>> A SNMP alarm has been generated by a device on the GR
  >>>> subnet.
  >>>>
  >>>>
  >>>>
  >>>> As you can, there is not much information. I really
  >>> need to
  >>>> know the server which generated the error. How can I
  >>> setup
  >>>> ZfS7 to do this??
  >>>>
  >>>> Thanks a bunch for the help, Chris.
  >>>>
  >>>>

• Configuring SNMP Alerts

  Does anyone have any experience with configuring SNMP alerts on C-Series appliances?  I'm interested in receiving alerts when there's a certain amount of emails in the workqueue.  Is this possible?
  We experienced an issue the other day where we received an exorbitant amount of email at one time from one specific sender and the workqueue was backed up.  It would have been nice to receive alerts on this so we could more effectively eliminate the issue.  If anyone has another suggestion to receiving notification through SNMP alerts on a high amount of messages in the workqueue please let me know.  I'm open to other ideas.  I just thought this might be the most effective way.
  Thanks!
  Mike

  Thanks Viquar, maybe you can help me with the issue that I'm dealing with.
  We have roughly 4000 internal SMTP servers that send e-mail to the internet via our IronPort cluster.  These IPs are everything from USB temperature gauges to an Exchange org. with 20K mailboxes.   Every once in a while something goes haywire and a lot of e-mail gets generated internally.  Either a virus generating a lot of e-mail, an application getting stuck in a loop, or a user configuring an Outlook Rule to send all mail to an external address that is being bounced back to them.
  What I'm looking for is some kind of alert when e-mail volume or maybe e-mail rate goes through the roof.
  One of the things that I've been researching is implementing rate limiting on outbound e-mail by IP address.  The problem is that all of these 4,000 internal SMTP servers are allowed access due to a 10.* entry in our HAT today.  So to get rate limiting going I would have to identify all of those servers and then determine the rate that would be good for each of them that would allow normal traffic but stop at the right point when an issue is occurring.  Due to the work that would take I was hoping for something along the lines of an alert when overall mail rate on the IronPort cluster goes higher than X, not knowing what X is yet...   Probably configure it something high and then slowly change it to a lower setting until I started getting alerts.
  Anything like that exist?
  Jason Meyer

• SNMP Alert.

  Hello,
  I am trying to find out whether the alert from the SAN switch can be pointed to my email without using snmp manager server, third party monitoring tool or call home feature.
  Its a Cisco MDS 9509 - version 4.2(7a)
  SNMP and community strings has been enabled.
  And what does noauth & priv means?
  sh snmp host
  Host                            Port Version  Level  Type   SecName
  ############                     2162 v2c      noauth trap   public
  ############                     2162 v1        priv   trap
  ############                     1163 v1        priv   trap
  ############                     2162 v1        priv   trap
  Appreciate your help on this.
  Thanks
  Yobe.

  Anything to do with email receiving from Network Devices is todo with SMTP forwarding.
  Google / Look for SMTP configuration on MDS and hopefully there is alot on Cisco's site.
  One link I found is : http://www.cisco.com/en/US/docs/switches/datacenter/mds9000/sw/4_1/configuration/guides/cli_4_1/call.html#wp1402579
  Regards
  Yasser

• MARS - Email Alerts as Triggered?

  Is there a way to setup reports to send alerts/reports as soon as something triggers an alert rather than send out every minute/hour/day?  So say as soon as MARS sees a P2P session, it will send an alert off to me.
  Thanks in Advance.

  If you locate the report "Activity: P2P Filesharing/Chat - All Events" then you will see the event tyope as
  Info/UncommonTraffic/P2PFileShare, Info/UncommonTraffic/P2PFileShare/FileTransfer,
  Info/UncommonTraffic/Chat, Info/UncommonTraffic/Chat/FileTransfer, Info/UncommonTraffic/Chat/Proxy
  You can then make a query, "all event raw messages". Under event, one at a time locate the 5 event types listed above and select all of the events listed for each (eg: Yahoo messag=nger missing URL, Yahoo instant messanger file transfer...etc). Cick apply and then "save as rule". You can then configure the rule as required. eg: limit to specific source/.dest subnets. Specifiy the action as email. If you want to be alerted for each and every occurrence, then you should set the time to something short like 1 minute. You can review the list of events and remove any that might not be applicable.
  Matthew

• CSA SNMP Alerts

  I have configured an Alert for "All Alerts" within CSA to send SNMP to an IP address.
  It isn't working.
  When I use a network sniffer, I see the packets going out but they are to port 41472\udp instead of 162\udp or 161\udp.
  any ideas?
  thanks.

  Please have a look at the logging files from folder \CSCOpx\CSAMC\log with which you can troubleshoot the problem.

• SNMP, Alerts for OutOfMemory Exceptions

  We are using WLS6.1 on Tru64. Using SNMP, can we generate alerts for OutOfMemory
  Exceptions that occur on any Managed servers in a cluster?

  We are using WLS6.1 on Tru64. Using SNMP, can we generate alerts for OutOfMemory
  Exceptions that occur on any Managed servers in a cluster?The SNMP MIB defines the following entries in the jvmRuntimeTable:
  jvmRuntimeHeapFreeCurrent INTEGER,
  jvmRuntimeHeapSizeCurrent INTEGER,
  you can set CounterMonitor on these attributes through the Console and set thresholds
  to send you alerts when the heap reaches a certain limit.
  hope this helps,
  Mihir

• Raising an SNMP alert

  Has anyone sucessfully used SNMP from a page process in APEX please?

  If you're running EEM 4.0 you should have a $_routing_vrf_name variable you can use to add the VRF name to your email or SNMP trap.  There is also a "vrf" option to event routing where you can specify "all" to match on all VRFs.

• SNMP Alerts are Duplicated

  Hello,
  I am running SCOM 2012 R2 UR4 and I have been trying to monitor my HP procurve switches.  I have been having an issue where the traps being sent to the server are just a port number and nothing else.  That has been somewhat fixed with a firmware
  update on the switches.  But what I get now are 2 alerts.  One alert is just a number, not related to the port and another alert with a full description.  These are the 2 alerts:
  Why am I getting this?

  Event description appears to be different and it looks to me there are 2 similar rules triggering this.
  You may like to check.
  Blog: http://theinfraguys.com
  Follow me at Facebook
  The Infra Guys Facebook Page
  Please remember to click Mark as Answer on the answer if it helps you in anyway

• SNMP Alerts

  Can anyone help me with this, I keep getting these event viewer alert, and I know what the unit is, but it shows up as healthy but the event viewer is filling up:
  Initialization of a module of type "SnmpAsyncProbe" (CLSID "{2B72C326-CDBB-421A-ACC3-A1994DBD52BB}") failed with error code Unspecified error causing the rule "Dell.iDRAC7Monolithic.GlobalStorageStatus.Availability.TrapBased"
  running for instance "10.4.1.x" with id:"{1C985247-5C46-1477-B416-3D33E936D04A}" in management group "XYZ".
  I cannot even find that SID
  Any suggestions what I can do to solve this?   I know it is monitoring DRACS on Dell servers.
  Thanks

  Hello,
  Look at the tuning steps described here:
  http://nocentdocent.wordpress.com/2012/09/05/making-dell-management-packs-lighter-for-your-management-servers/
  Natalya

• SNMP Alerts - sender is 127.0.1.1

  Hello All, I am using OnCommand Unified Manager for Clustered OnTap version 6.2 (vApp or .ova Deployed)We have setup an alarm and trying to send it to a Trap receiver.But when looking at the trap receiver, the sender is showing up as 127.0.1.1 instead of the actual server name.  Am i missing anything or this is how this bahaves ?do we have any workaround to fix this... I also tried to make sure that we have a proper DNS recored available so it should resolve to both IP and Name.  ,Sheel

  Pleae re-try once you have a valid DNS entry.The Installation guide explicitely states "...the IP address must have a valid DNS entry". OCUM tries to resolve it's FQDN in order to set IP address, name and services accordingly. regards, Niels

• WAAS Email Alerting

  Is there a way to set up e-mail alerting for when the central manager shows an alert.  For instance recently one of our appliances show that a power supply is bad and needs to be replaced.  I see in the central manager that there is a section for SMTP server info but according to the documentation I believe that this is only for notification of report jobs correct me if I am wrong. I also know that you can go to each device and set up notifications and provide the SMTP info there as well but I'm not sure if that will send the right information.  I have looked on the device GUI that has the bad power supply and can't find anywhere in the GUI that says it has a bad power supply. The alert is only showing up in the central manager as well as if you SSH to the device and do a show alerts.
  Any help would be greatly appreciated
  Thanks in advance

  Hi Daniel,
  Yes. You can do this but not from Central Manager.
  Please login to the WAE directly. Please make sure to use IE as browser. Use this URL to login to WAE directly (bypassing WAE):
  https://:8443
  Login as admin. Once you login, click on Cisco WAE --> Configuration --> Notifier Tab. You will see Email Notification option. Please fill in the details and enable what level of SNMP alerts you want to recive from the device.
  Please also make sure to enable SNMP alerts and configure SNMP options from CM for the device. Link on Central Manager: My WAN --> Manage Devices --> --> Configure --> Monitoring --> SNMP .
  Here is the link to help you with SNMP configuration:
  http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v421/configuration/guide/SNMP.html
  Please note that at this time, you can only  enable email alerts from WAE on individual basis.
  Hope this helps.
  Regards.
  PS: If this answers your question, please mark it as Answered.