Snmp monitor not alerting on failure to access.
using snmp probes it works fine reads the oid values and alerts if the value is of the correct value but if the devices is just down I get nothing it shows as unhealthy within network devices but it does not send an alert, what did I do wrong.
thanks
tr
Welcome to SCOM,
Sorry for all the Redacting; looks like some sort of super secret document.
If you pull up your network device(s) are the responsiveness monitors enabled, and green? These should trip when you device goes offline. It looks like the default configuration is to only alert on the parent node 'Network Device Responsiveness',
and once the node comes back online the alert would clear.
You could setup a subscription for this, and I think it would produce the results you're looking for.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"
Nathan Foreman
www.Practice2Perfect.com
Similar Messages
-
I have a service monitor setup to monitor up down of a service. The service yesterday starting to terminate and restart it self but the monitor is not catching that it is going down. The monitor works fine we we take it down manually. I think the restart
is happening too quickly. Has anyone seen something like this and is there a fix for it?Hi,
The default frequency of the basic service monitor is 60 Seconds if I have it in mind correctly so you may not got an alert for every service restart.
If you want to get an alert for every service restart you may have to use an Event Monitor to check the Service Start/Stop Events.
Have a look on this thread also:
http://www.systemcentercentral.com/forums-archive/topic/question-about-the-poll-time-of-the-basic-service-monitor/
Cheers,
Christoph
Blog: http://blog.cmaresch.at/ Twitter:
LinkedIn:
XING:
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose. -
Hi everyone,
it's probably just me but I have tried real hard to get a simple AnyConnect setup working in a lab environment on my ASA 5505 at home, without luck. When I connect with the AnyConnect client I get the error message "User not authorized for AnyConnect Client access, contact your administrator". I have searched for this error and tried some of the few solutions out there, but to no avail. I also updated the ASA from 8.4.4(1) to 9.1(1) and ASDM from 6.4(9) to 7.1(1) but still the same problem. The setup of the ASA is straight forward, directly connected to the Internet with a 10.0.1.0 / 24 subnet on the inside and an address pool of 10.0.2.0 / 24 to assign to the VPN clients. Please note that due to ISP restrictions, I'm using port 44455 instead of 443. I had AnyConnect working with the SSL portal, but IKEv2 IPsec is giving me a headache. I have stripped down certificate authentication which I had running before just to eliminate this as a potential cause of the issue. When running debugging, I do not get any error messages - the handshake completes successfully and the local authentication works fine as well.
Please find the current config and debugging output below. I appreciate any pointers as to what might be wrong here.
: Saved
ASA Version 9.1(1)
hostname ASA
domain-name ingo.local
enable password ... encrypted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
passwd ... encrypted
names
name 10.0.1.0 LAN-10-0-1-x
dns-guard
ip local pool VPNPool 10.0.2.1-10.0.2.10 mask 255.255.255.0
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif Internal
security-level 100
ip address 10.0.1.254 255.255.255.0
interface Vlan2
nameif External
security-level 0
ip address dhcp setroute
regex BlockFacebook "facebook.com"
banner login This is a monitored system. Unauthorized access is prohibited.
boot system disk0:/asa911-k8.bin
ftp mode passive
clock timezone PST -8
clock summer-time PDT recurring
dns domain-lookup Internal
dns domain-lookup External
dns server-group DefaultDNS
name-server 10.0.1.11
name-server 75.153.176.1
name-server 75.153.176.9
domain-name ingo.local
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network LAN-10-0-1-x
subnet 10.0.1.0 255.255.255.0
object network Company-IP1
host xxx.xxx.xxx.xxx
object network Company-IP2
host xxx.xxx.xxx.xxx
object network HYPER-V-DUAL-IP
range 10.0.1.1 10.0.1.2
object network LAN-10-0-1-X
access-list 100 extended permit tcp any4 object HYPER-V-DUAL-IP eq 3389 inactive
access-list 100 extended permit tcp object Company-IP1 object HYPER-V-DUAL-IP eq 3389
access-list 100 extended permit tcp object Company-IP2 object HYPER-V-DUAL-IP eq 3389
tcp-map Normalizer
check-retransmission
checksum-verification
no pager
logging enable
logging timestamp
logging list Threats message 106023
logging list Threats message 106100
logging list Threats message 106015
logging list Threats message 106021
logging list Threats message 401004
logging buffered errors
logging trap Threats
logging asdm debugging
logging device-id hostname
logging host Internal 10.0.1.11 format emblem
logging ftp-bufferwrap
logging ftp-server 10.0.1.11 / asa *****
logging permit-hostdown
mtu Internal 1500
mtu External 1500
ip verify reverse-path interface Internal
ip verify reverse-path interface External
icmp unreachable rate-limit 1 burst-size 1
icmp deny any echo External
asdm image disk0:/asdm-711.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
object network obj_any
nat (Internal,External) dynamic interface
object network LAN-10-0-1-x
nat (Internal,External) dynamic interface
object network HYPER-V-DUAL-IP
nat (Internal,External) static interface service tcp 3389 3389
access-group 100 in interface External
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server radius protocol radius
aaa-server radius (Internal) host 10.0.1.11
key *****
radius-common-pw *****
user-identity default-domain LOCAL
aaa authentication ssh console radius LOCAL
http server enable
http LAN-10-0-1-x 255.255.255.0 Internal
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map External_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map External_map interface External
crypto ca trustpoint srv01_trustpoint
enrollment terminal
crl configure
crypto ca trustpoint asa_cert_trustpoint
keypair asa_cert_trustpoint
crl configure
crypto ca trustpoint LOCAL-CA-SERVER
keypair LOCAL-CA-SERVER
crl configure
crypto ca trustpool policy
crypto ca server
cdp-url http://.../+CSCOCA+/asa_ca.crl:44435
issuer-name CN=...
database path disk0:/LOCAL_CA_SERVER/
smtp from-address ...
publish-crl External 44436
crypto ca certificate chain srv01_trustpoint
certificate <output omitted>
quit
crypto ca certificate chain asa_cert_trustpoint
certificate <output omitted>
quit
crypto ca certificate chain LOCAL-CA-SERVER
certificate <output omitted>
quit
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable External client-services port 44455
crypto ikev2 remote-access trustpoint asa_cert_trustpoint
telnet timeout 5
ssh LAN-10-0-1-x 255.255.255.0 Internal
ssh xxx.xxx.xxx.xxx 255.255.255.255 External
ssh xxx.xxx.xxx.xxx 255.255.255.255 External
ssh timeout 5
ssh version 2
console timeout 0
no vpn-addr-assign aaa
no ipv6-vpn-addr-assign aaa
no ipv6-vpn-addr-assign local
dhcpd dns 75.153.176.9 75.153.176.1
dhcpd domain ingo.local
dhcpd option 3 ip 10.0.1.254
dhcpd address 10.0.1.50-10.0.1.81 Internal
dhcpd enable Internal
threat-detection basic-threat
threat-detection scanning-threat shun except ip-address LAN-10-0-1-x 255.255.255.0
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
dynamic-filter use-database
dynamic-filter enable interface Internal
dynamic-filter enable interface External
dynamic-filter drop blacklist interface Internal
dynamic-filter drop blacklist interface External
ntp server 128.233.3.101 source External
ntp server 128.233.3.100 source External prefer
ntp server 204.152.184.72 source External
ntp server 192.6.38.127 source External
ssl encryption aes256-sha1 aes128-sha1 3des-sha1
ssl trust-point asa_cert_trustpoint External
webvpn
port 44433
enable External
dtls port 44433
anyconnect image disk0:/anyconnect-win-3.1.02026-k9.pkg 1
anyconnect profiles profile1 disk0:/profile1.xml
anyconnect enable
smart-tunnel list SmartTunnelList1 mstsc mstsc.exe platform windows
smart-tunnel list SmartTunnelList1 putty putty.exe platform windows
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
webvpn
anyconnect profiles value profile1 type user
username write.ingo password ... encrypted
username ingo password ... encrypted privilege 15
username tom.tucker password ... encrypted
class-map TCP
match port tcp range 1 65535
class-map type regex match-any BlockFacebook
match regex BlockFacebook
class-map type inspect http match-all BlockDomains
match request header host regex class BlockFacebook
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 1500
id-randomization
policy-map TCP
class TCP
set connection conn-max 1000 embryonic-conn-max 1000 per-client-max 250 per-client-embryonic-max 250
set connection timeout dcd
set connection advanced-options Normalizer
set connection decrement-ttl
policy-map type inspect http HTTP
parameters
protocol-violation action drop-connection log
class BlockDomains
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect dns preset_dns_map dynamic-filter-snoop
inspect http HTTP
service-policy global_policy global
service-policy TCP interface External
smtp-server 199.185.220.249
privilege cmd level 3 mode exec command perfmon
privilege cmd level 3 mode exec command ping
privilege cmd level 3 mode exec command who
privilege cmd level 3 mode exec command logging
privilege cmd level 3 mode exec command failover
privilege cmd level 3 mode exec command vpn-sessiondb
privilege cmd level 3 mode exec command packet-tracer
privilege show level 5 mode exec command import
privilege show level 5 mode exec command running-config
privilege show level 3 mode exec command reload
privilege show level 3 mode exec command mode
privilege show level 3 mode exec command firewall
privilege show level 3 mode exec command asp
privilege show level 3 mode exec command cpu
privilege show level 3 mode exec command interface
privilege show level 3 mode exec command clock
privilege show level 3 mode exec command dns-hosts
privilege show level 3 mode exec command access-list
privilege show level 3 mode exec command logging
privilege show level 3 mode exec command vlan
privilege show level 3 mode exec command ip
privilege show level 3 mode exec command failover
privilege show level 3 mode exec command asdm
privilege show level 3 mode exec command arp
privilege show level 3 mode exec command ipv6
privilege show level 3 mode exec command route
privilege show level 3 mode exec command ospf
privilege show level 3 mode exec command aaa-server
privilege show level 3 mode exec command aaa
privilege show level 3 mode exec command eigrp
privilege show level 3 mode exec command crypto
privilege show level 3 mode exec command ssh
privilege show level 3 mode exec command vpn-sessiondb
privilege show level 3 mode exec command vpnclient
privilege show level 3 mode exec command vpn
privilege show level 3 mode exec command dhcpd
privilege show level 3 mode exec command blocks
privilege show level 3 mode exec command wccp
privilege show level 3 mode exec command dynamic-filter
privilege show level 3 mode exec command webvpn
privilege show level 3 mode exec command service-policy
privilege show level 3 mode exec command module
privilege show level 3 mode exec command uauth
privilege show level 3 mode exec command compression
privilege show level 3 mode configure command interface
privilege show level 3 mode configure command clock
privilege show level 3 mode configure command access-list
privilege show level 3 mode configure command logging
privilege show level 3 mode configure command ip
privilege show level 3 mode configure command failover
privilege show level 5 mode configure command asdm
privilege show level 3 mode configure command arp
privilege show level 3 mode configure command route
privilege show level 3 mode configure command aaa-server
privilege show level 3 mode configure command aaa
privilege show level 3 mode configure command crypto
privilege show level 3 mode configure command ssh
privilege show level 3 mode configure command dhcpd
privilege show level 5 mode configure command privilege
privilege clear level 3 mode exec command dns-hosts
privilege clear level 3 mode exec command logging
privilege clear level 3 mode exec command arp
privilege clear level 3 mode exec command aaa-server
privilege clear level 3 mode exec command crypto
privilege clear level 3 mode exec command dynamic-filter
privilege cmd level 3 mode configure command failover
privilege clear level 3 mode configure command logging
privilege clear level 3 mode configure command arp
privilege clear level 3 mode configure command crypto
privilege clear level 3 mode configure command aaa-server
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:41a021a28f73c647a2f550ba932bed1a
: end
Many thanks,
IngoHi Jose,
here is what I got now:
ASA(config)# sh run | begin tunnel-group
tunnel-group DefaultWEBVPNGroup general-attributes
address-pool VPNPool
authorization-required
and DAP debugging still the same:
ASA(config)# DAP_TRACE: DAP_open: CDC45080
DAP_TRACE: Username: tom.tucker, aaa.cisco.grouppolicy = DfltGrpPolicy
DAP_TRACE: Username: tom.tucker, aaa.cisco.username = tom.tucker
DAP_TRACE: Username: tom.tucker, aaa.cisco.username1 = tom.tucker
DAP_TRACE: Username: tom.tucker, aaa.cisco.username2 =
DAP_TRACE: Username: tom.tucker, aaa.cisco.tunnelgroup = DefaultWEBVPNGroup
DAP_TRACE: Username: tom.tucker, DAP_add_SCEP: scep required = [FALSE]
DAP_TRACE: Username: tom.tucker, DAP_add_AC:
endpoint.anyconnect.clientversion="3.1.02026";
endpoint.anyconnect.platform="win";
DAP_TRACE: Username: tom.tucker, dap_aggregate_attr: rec_count = 1
DAP_TRACE: Username: tom.tucker, Selected DAPs: DfltAccessPolicy
DAP_TRACE: Username: tom.tucker, DAP_close: CDC45080
Unfortunately, it still doesn't work. Hmmm.. maybe a wipe of the config and starting from scratch can help?
Thanks,
Ingo -
Deleting monitors with alerts configured
Iam running into an issue deleting monitors with alerts configured. It appers that a patch needs to be applied to address the issue. I logged into HP support but I dont have the entitlements under my account, and cant see the avaiable updates.
@Shawnzimm
Thank you for using HP Support Forum. I have brought your issue to the appropriate team within HP. They will likely request information from you in order to look up your case details or product serial number. Please look for a private message from an identified HP contact. Additionally, keep in mind not to publicly post ( serial numbers and case details).
If you are unfamiliar with the Forum's private messaging please click here to learn more.
Thank you,
Omar
I Work for HP -
Zone shutdown error - SNMP request returned error status 6 (no access)
When trying to shutdown a zone though SunMC it get the following error from the web page
SNMP request returned error status 6 (no access) snmp://xx.xx.com:nnnn/mod/scm-container/Zones/ZoneTable/ZoneEntry/zoneState#zonename
the log on the agent has
[0000008f 00a8 ]warning Nov 28 12:20:10 agent preValidateSetPDU: zoneState(zonename) [1.3.6.1.4.1.42.2
.12.2.2.85.6.1.1.10.10.98.111.116.97.110.105.120.45.97.100] - noAccess
I probably am missing a simple undocumented permissions problem.
Any help would be appreciated
Thanksmarcusj99 wrote:
When trying to shutdown a zone though SunMC it get the following error from the web page
SNMP request returned error status 6 (no access) snmp://xx.xx.com:nnnn/mod/scm-container/Zones/ZoneTable/ZoneEntry/zoneState#zonename
the log on the agent has
[0000008f 00a8 ]warning Nov 28 12:20:10 agent preValidateSetPDU: zoneState(zonename) [1.3.6.1.4.1.42.2
.12.2.2.85.6.1.1.10.10.98.111.116.97.110.105.120.45.97.100] - noAccess
I probably am missing a simple undocumented permissions problem.
Any help would be appreciatedSCM security can be tricky to get right the first time you use it. Have you performed these operations in the global zone?:
- run es-config to add your SunMC userID to the scm-container ACL?
- made sure the Project Managment and Pool Management entries are in /etc/security/prof_attr and exec_attr files?
- added your SunMC userID to the Zone/Pool/Project entries in /etc/user_attr (or used the 'usermod' command to add the entries for you)?
If any of those steps were missed then SunMC (or Solaris) may not believe you have permisson to make changes to zones/pools etc. There are a couple of SCM docs listed in with the SunMC doc set:
http://docs.sun.com/app/docs/coll/810.8?l=en
Regards,
[email protected]
http://www.HalcyonInc.com
New !! : http://forums.HalcyonInc.com !! -
SNMP monitoring of Oracle 10g?
Hi there,
I'm curious about using SNMP technology to monitor Oracle 10g databases.
I've done some light reading on the subject and I'm now at the stage
where I have a few questions.
-What exactly do I need to configure in my Oracle 10g environment?
-Is Enterprise Manager the best and/or only UI available for me
to carry out configuration chores?
-I see no SNMP specific documentation for 10g; why is that?
-I do see a good document for 9i:
Oracle SNMP Support Reference Guide Release 9.2.0 Part Number A96672-01
http://download-west.oracle.com/docs/cd/B10501_01/em.920/a96672/toc.htm
Is the above document suitable for configuring SNMP monitoring of Oracle
in a 10g environment?
-moiI'm able to set up traps via the EM website following these instructions:
http://download-west.oracle.com/docs/cd/B19306_01/em.102/b40002/notification.htm
However, what I'm really looking for is the ability to do snmp gets. I need functionality similar to how the old school DBSNMP under OMS used to work. These commands seem to be totally missing. I found the following documentation:
http://download-east.oracle.com/docs/cd/B19306_01/em.102/b16244/chap2.htm#sthref74
Which indicates there should be an snmp subfolder under $ORACLE_HOME/sysman, but that folder does not exist in my installation. I installed Oracle EE. Is there another package I need to install in order to make the subagent run like a normal snmp agent?
So far if I do a:
emctl start dbconsole
that starts up the EM Website and I can use that no probelm. If I...
emctl start agent -- I get:
Starting agent ... started.
issuing a 'emctl staus agent' gives me a normal status message. Things start to get strange when I try to start the subagent, which to my understanding is what I need running in order to to talk to net-snmp, which is the master agent running on this host. Here's what happens:
[zaro@cheetah bin]$ ./emctl start subagent
Oracle Enterprise Manager 10g Database Control Release 10.2.0.1.0
Copyright (c) 1996, 2005 Oracle Corporation. All rights reserved.
Starting sub agent .....started
[zaro@cheetah bin]$ ./emctl status subagent
Oracle Enterprise Manager 10g Database Control Release 10.2.0.1.0
Copyright (c) 1996, 2005 Oracle Corporation. All rights reserved.
Sub agent is not running..
I guess my question is how do I get to have the ability I used to have back in 8i to start up dbsnmp and then have my SNMP monitoring app "discover" the agent and use its instrumentation to get data? -
GSS snmp is not running but should be
Hi all,
I was trying to turn on the SNMP service on GSS appliance. I believe there are not so many CLIs I can use to turn it on. But the SNMP service on the device doesn't look like working for me.
Can anyone help me out of this? I am about to open a SR in TAC.
Thanks,
James
Device Information:
tns1.abcd.ca#sh ver
Global Site Selector (GSS)
Model Number: GSS-4492-k9
Copyright (c) 1999-2009 by Cisco Systems, Inc.
Version 3.1(0)
Uptime: 61 Days 1 Hours 48 Minutes and 35 seconds
tns1.abcd.ca#sh license installed
Licensed modules are
DDoS
tns1.abcd.ca#sh license active
Enabled modules are
DDoS
Runing configuration:
tns1.abcd.ca#sh run | grep snmp
snmp-server enable
snmp-server location Toronto
snmp-server contact [email protected]
snmp-server trap-source ethernet 1
tns1.abcd.ca#
Snmp status:
tns1.abcd.ca#sh snmp
snmp is enabled
Syslog:
tns1.abcd.ca#sh log |grep Snmp
Oct 12 15:41:26 tns1 SYS-6-SERVICES[1578] Enabling Snmp
Oct 12 15:41:27 tns1 SYS-6-SERVICES[1596] Starting Snmp
Oct 12 15:41:28 tns1 SYS-3-SERVICES[1624] Service Snmp is not running but should be.
Oct 12 15:51:35 tns1 SYS-6-SERVICES[2959] Disabling Snmp
Oct 12 15:51:36 tns1 SYS-6-SERVICES[3001] Stopping Snmp
Oct 12 15:52:26 tns1 SYS-6-SERVICES[3230] Enabling Snmp
Oct 12 15:52:26 tns1 SYS-6-SERVICES[3257] Starting Snmp
Oct 12 15:52:27 tns1 SYS-3-SERVICES[3297] Service Snmp is not running but should be.
Oct 12 16:12:59 tns1 SYS-6-SERVICES[5684] Disabling Snmp
Oct 12 16:13:00 tns1 SYS-6-SERVICES[5702] Stopping Snmp
Oct 12 16:13:44 tns1 SYS-6-SERVICES[5820] Enabling Snmp
Oct 12 16:13:45 tns1 SYS-6-SERVICES[5838] Starting Snmp
Oct 12 16:13:46 tns1 SYS-3-SERVICES[5864] Service Snmp is not running but should be.
Oct 12 16:14:50 tns1 SYS-6-SERVICES[6040] Disabling Snmp
Oct 12 16:14:51 tns1 SYS-6-SERVICES[6062] Stopping Snmp
Oct 12 16:15:15 tns1 SYS-6-SERVICES[6140] Enabling Snmp
Oct 12 16:15:15 tns1 SYS-6-SERVICES[6162] Starting Snmp
Oct 12 16:15:16 tns1 SYS-3-SERVICES[6190] Service Snmp is not running but should be.Hi James.
This is a bug:
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsz70369
fixed in 3.1(1)
Regards,
Fadi. -
Prime\SNMP Monitoring of dynamic interfaces
Hi - Is anyone aware of a method of monitoring the bandwidth utilisation on a dynamic interface on a WLC?
I'd like to monitor the traffic on each dynamic interface to generate usage stats on centrally switched guest and employee SSID's.
ThanksYou have to get that stats from switch where you defined those SVI. WLC dynamic interface not terminate any L3 traffic & switch SVI is the place to go.
If you have netflow monitoring or simple snmp monitoring tool, you can get that stats from the switch.
HTH
Rasika
**** Pls rate all useful responses **** -
Recommended product for syslogging and snmp monitoring
Hi,
We currently use KIWI syslog but can anyone recommend a better product for syslogs from Firewalls, Routers and Switches. Our current product creates a seperate text file per day per device. Ideally I would like all these to be combined (or combinable for display purposes) into one log that shows to update realtime and have the ability to filterout "background noise" - stuff we know is acceptable, as well as being able to run simple or quick searches and reports. Ideally for asbout 200+ devices.
Am I too hopeful or is there a product out there that can do this (that also will not break my companies bank account).
Also, recommended products for SNMP monitoring if better than we currently use would be useful - currently using Orion and SNMPc.
Regards
AdrianAdrian,
We use syslog-ng for RHEL. It can do what you need as far as writing to files and filtering out background noise, but it is not a search/reporting tool. If KIWI does the latter, I imagine you could tell it to read from the file that syslog-ng creates.
It is open source for writing files through version 3.1.4. Later versions require licensing to write to files or if you are using a Windows OS.
http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.1.4
Here are some other options:
Rsyslog: http://www.rsyslog.com/
Splunk: http://www.splunk.com/
Snare: http://www.intersectalliance.com/projects/index.html
Hope this helps.
Steve Lee
Emory University -
Internal failure 0x80040707 access denied
Sorry to bring up an old topic problem, but the search turns up posts dating back to 2004 and the links do not work. Anyway...
I get an "internal failure 0x80040707 access denied" upon loading iTunes and QuickTime after the required reboot either with the CD or with the downloaded versions from the web.
I did not connect the Ipod to the computer until after the software was installed.
I have tried all the below with Norton Antivirus disabled:
1) upgraded XP Pro from SP1 to SP2.
2) installed and uninstalled iTunes and QuickTime many, many, many, many times, using the uninstaller and the Windows Install Clean Up downloaded from
http://consumer.installshield.com/kb.asp?id=Q108322
and using task manager to remove remnants (qttask.exe, ip*, qt*).
3) followed the instructions at
http://consumer.installshield.com/kb.asp?id=Q108167
there were no problems with the registry.
4) installed only the iPod updater and not installed iTunes and QuickTme from the CD (nothing works, but I still get the error message on reboot.
5) deleted the folder containing iPod and QuickTime after an unsuccessful install.
iTunes runs after the reboot, but in preferences it says no iPod is connected when it is connected. The iPod when connected to the 'puter says "Do not disconnect" with a spinning "sun" in the upper left hand corner. The do not disconnect never goes away, even after leaving it alone overnight.
Windows knows the Ipod is connected to a USB port and says it is "working normally."
QuickTime will play "stuff."
I spent 40 minutes on the phone with Best Buy who said to call Apple. I spent 20 minutes on the phone with Apple who said call Dell. I Spent 15 minutes on a chat with a Dell tech who ended the conversation with out giving me any help (was goin' home time for him).
I've probably got about 30 hours into this and my kid is wondering when her iPod will work.
Any advice or pointers?
Thanks for any suggestions!!!
Jim
dell Windows XP Pro 4300sKatrina,
Maybe this?
http://discussions.apple.com/thread.jspa?messageID=135
1909?
I don't know how to do this as the message occurs when I reboot and before my desktop icons are loaded. The first window that appears is the InstallShield completing the software load, I guess. Then the "internal failure error 0x80040707" window appears. At that point my only choice is to click "OK" or "X" on the Internal falure window. After that disappears the "access denied" window pops up. The Taskbar is not loaded either.
Or you can make sure your music files are backed up
and in a safe place, and go through your PC and
remove anything that says Apple on it. In both
Windows Explorer & the registry.
Then reinstall iTunes, QT and the iPod updater?
Also, just curious, you said you installed the iPod
updater, but did you also run the updater with the
iPod attached and actually update the iPod?
No. The updater window appears and the initializing message never goes away (the iPod is connected with the "do not disconnect" messge displayed.
Thanks for your help!!
Jim
dell Windows XP Pro 4300s
dell Windows XP Pro 4300s -
Monitoring and Alerting tools for Business Object Data Integrator
Hi,
We have Business Objects DI installed in AIX 5.3 environment. Please advise any type of monitoring and alerting tools for DI.
Monitor tools to monitor Job servers(like job service and web services running properly) and also to monitor long running extraction jobs and alerting the same. Thanks.
Thanks.
Raj.Hi Thomas
Though both the tools objectives are for Data integration, the purpose for both tools are different.
SAP BODS/ BOBJ Data Integrator is an ETL tool which involves combining data residing in different sources and providing users with a unified view of the data
SAP PI is a Middleware/EAI tool which have a mechanism/technology that connects different parts of an application or a series of applications
SAP BOBJ Data Integrator
Bulk Data Integration
Extraction Transformation and Loading
Deals of huge volume of data
SAP PI
It is process based integration of application data
It is a middle ware which integrates various project applications into a common programming package that can be operate/access as a single application
SAP NetWeaver PI is SAP’s implementation of Service-oriented Architecture (SOA) middleware and facilitates the integration of business processes that span different departments, organizations, or companies.
SAP PI uses SAP NetWeaver Application Server and message servers where in fail over cases the messages can be resent again.
The below differences will gives you more clarity
Verdict is we can use both the tools for data transfer/migration and for choosing the tool depends upon the business requirement
Please reply back if you need more information.
Regards
Murthy -
Login Failure while accessing share folder
Hi,
Previously, all PC can access to clustered server by "\\NAS".
But today Windows 2000 users can't, they can access with IP address or "\\NAS.ms.com.hk" only with error "Logon Failure: The target account name is incorrect"
Please help !!
ThanksHi,
I would like to confirm the current situation.
Windows 2000 users cannot access \\NAS - what's the error message? "Network path not found?"
They can access with \\FQDN or IP, but with error "Logon Failure: The target account name is incorrect".
Please correct me if I'm wrong.
If I'm correct, both issues seem related to DNS. Please first check if your DNS server is working.
Also you can run "netdiag -v" to create a netdiag.log file. Check if there is any DNS errors in the netdiag.log.
How to use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000
http://support.microsoft.com/kb/321708/en-us
If you have any feedback on our support, please send to [email protected] -
SNMP Monitor PIX throught VPN tunnel
I have two Cisco PIX 515e firewalls configured in fail-over. The primary PIX has private address 192.168.1.5 and the secondary PIX (standby) has a private address 192.168.1.6. The PIX firewalls are running IOS 6.3.3. I'm connecting to the PIX firewalls through a VPN tunnel (PIXes terminate VPN tunnel) and my monitoring system uses SNMP to monitor devices behind the PIX firewalls and the primary PIX private IP address. I would also like to monitor the standby IP address 192.168.1.6 from the tunnel and have been unsuccessful thus far. I can do this from behind the PIX, but not through the tunnel (only the primary PIX).
Is there a way I can SNMP monitor (and PING) the IP address of the standby PIX through the VPN tunnel?
Please send email to [email protected]
Thank you,
frankPaul,
Thank you for your email. Yes, we currently use this command to monitor the active private IP of the active PIX firewall through the VPN tunnel. What I would like to be able to monitor is the private IP address of the standby PIX firewall (has a different IP address while in standby mode) would like to make sure that it too is up and running (I can do this today for other PIX firewalls from the inside, but not through the tunnel.
Best regards,
Frank Pikelner
Hi Frank,
Dont think you are going to get that to work due to the routing issues. Sending syslog messages to the snmp server is the only way Ive done it in the past. Have you given this a try?
http://cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a008017278a.html#wp1052111
http://cisco.com/en/US/products/sw/secursw/ps2120/products_system_message_guide09186a00800896ac.html
I hope this is of some help.
Cheers,
Paul. -
Monitoring and Alerting Infrastructure : Errors raised during Event Calculation
Hello together,
System: Solution Manager 7.1 Sp7
since one day I get this alert every five minute: "Monitoring and Alerting Infrastructure : Errors raised during Event Calculation".
Name....................Errors raised during Event Calculation
Start Time..............20.03.2014 15:12:27 CET
End Time................20.03.2014 15:12:27 CET
Managed Object..........Monitoring and Alerting Infrastructure
Managed Object Type.....Technical Component
Rating..................Red
Category................Exceptions
Status..................Open
Opening the alert shows this:
E2E Alert Analysis Report:
This metric outputs the der Event Calculation Engine (ECE) error messages. The ECE runs by default every minute, under the job name SAP_ALERT_CALCULATION_ENGINE, which then starts the report ACE_CALCULATION_CONTROLLER.
Analyze the error messages in the Application Log, as follows:
Start the transaction SLG1, and enter the object E2E_ALERTING and subobject ENGINE.
When opening trx SLG1 I can see this error:
Aggregate for managed object 00215ACCD6DE1EE2B8FEE39484598162, type
80E0ED08ADA71DEEBFD84650DEF6421F not found.
How can I fix this?
Thank you very much.
Regards,
RalphHi Ralph,
We are facing the same issue is our system. I have checked the specified note and observed that few of the systems had to be updated in Managed System Configuration. I have updated the systems. But, the alerts have not stopped.
Can you please tell me the procedure to resolve this issue?
Thanks.
Regards,
Deepika R -
SCOM 2012 SP1 - Setup SNMP monitoring = ping OK, no response SNMP.
Hello,
I've tried the snmp monitoring in lab domain, everthing work. Now I work in the production environment, but I can't make work the snmp. I've tried only snmp, but the same error occure. The Ping is ok, all my firewalls rules allows snmp and ping over
the domain.
But when I launche the discovery, I've got an error after "No Response SNMP". I've analized the network with wireshark, I see the snmp get send to scom to the network device, but the netowrk device, reply " Destionation unreachable (Port unreachable)".
I've check with "netstat -ano -p udp" but I don't see the port 162, the 161 is open and snmp.exe service use it. But 162 is not open and Healthservice.exe doesn't use it.
I tried to reboot the server, but nothing change. And I check all my configuration, and it's the same in my lab domain and te production.
Anybody have the same issue? Or a workaround?
Thank you in advance.
KimBaxZHello Roger,
1. Windows Firewall
a. SNMP service authorized
b. SNMP trap not authorized
c. PING.exe authorized
d. HealthService.exe authorized
2. SNMP service configuration
a. Security => Community name + Right OK
b. Security => Accept SNMP packets from any host
3. SNMP trap service disabled
4. The network device (cisco switch is already configured and the snmp work well)
a. It's possible to execute a snmp walk on the switch, and we get all the data (we use a différents
computer to do this, like a linux server on the same network)
5. We use snmp v2 on the switch, and during the discovery scom, send v2c snmp get to the switch with the good community name.
6. I tried to forge a snmp v2 packet and send them to the scom server, wireshark see the packet
During the discovery the switch get the snmp request, but he can't reply, the snmp trap port (162) on the scom server is not open. And I don't know why.
Maybe you are looking for
-
How do I use a Sony DCR-TRV310 for FaceTime in a Mac mini 2009?
How do I use a Sony DCR-TRV310 for FaceTime in a Mac mini 2009? Sorry, I mean Mini mid2010. Message was edited by: tesoro1
-
Removing checkbox from resultset.
Hi, I am using MDM resultset iview, In the result screen it is appending checkbox for every record. can any one help me on removing check box. Regards, Sandeep Reddy
-
So love my PB and keep hearing about the Kindle app that is coming but cant find anything on a date for it. What I really want is a Nook app but havent even heard rumor of that. Has anyone else heard anything on either of these?
-
Mapping External Message Error: StackOverFlowError
Hi, Just to give a background first, I have an xsd external message defined, which I have to use for a certain map. Whenever I try to use it as a target message during mapping, I get an INTERNAL_PROBLEM StackOverFlowError message. Because of this,
-
Flash builder 4 Verifying payload integerity : Failed with code 1
where i install flash builder 4 on windows servers 2003 32x got this error Exit Code: 7 -------------------------------------- Summary -------------------------------------- - 0 fatal error(s), 2 error(s), 2 warning(s) WARNING: Payload {7E5AA19B-0B85