SNMP Trap - User Experience monitor
The SNMP Trap User Experience monitor operates differently than all other monitors in ipMonitor. Rather than poll resources on timed intervals, it listens for incoming SNMP traps and performs tests on the received data.
SNMP trap listening is disabled by default. This ensures that ipMonitor properly co-exists with your existing network management software.
ipMonitor assumes the role of an SNMP manager by performing the following procedure:
- ipMonitor listens for incoming traps sent by SNMP agents. These traps provide networking information for servers, applications or devices on the network.
- ipMonitor parses the Protocol Data Unit (PDU) message it receives from each trap using the Trap Filtering settings for each configured SNMP Trap User Experience monitor to determine whether the trap applies to it.
- If the incoming trap applies to an SNMP Trap User Experience monitor, it triggers an alert.
Optionally, you can configure the SNMP Trap - User Experience monitor to examine the variable binding information within a trap. For example, the monitor can search for temperature information, remaining battery power, an application error condition, and so on. Any retrieved variable binding information can be parsed by a content generator you created and pushed to any alert type in ipMonitor that supports Information alerts.
Integrate ipMonitor with third-party network management solutions
Many network servers, applications, and devices include SNMP agents to send out traps. However, most do not send out alerts. Using ipMonitor, these agents can take advantage of ipMonitor's alerting system to process alerts.
The SNMP Trap - User Experience monitor can integrate with your SNMP-enabled network management solutions. Incoming SNMP traps can be processed into alerts for notification, integration, and recovery.
Enable the SNMP Trap Listener
- Log in to the server hosting ipMonitor.
- Click the Start menu and select SolarWinds ipMonitor > Configure ipMonitor.
In the ipMonitor Configuration Program menu, click Communications: Web Server Ports.
In the Communications Settings window, locate the SNMP Trap Listener box and click the Enabled checkbox.
Click the IP Address drop-down menu and select a listening IP address for all SNMP Trap User Experience monitors.
Any agent that sends traps to ipMonitor must use the same IP address and port combination.
- In the Port (UDP) field, enter a UDP port for all SNMP Trap User Experience monitors.
- Click OK.
Conflicts with the Windows SNMP Trap Service
If the Windows SNMP Trap Service is enabled on the ipMonitor host computer, it can conflict with ipMonitor's SNMP Trap Listener. Both are bound by default to port 162.
To resolve conflicts with the Windows SNMP trap service, perform one of the following procedures:
- Change the ipMonitor's SNMP Trap Listener port to an unused port, and then change the outbound port of all SNMP agents that will be sending traps to ipMonitor.
- Disable the Windows SNMP trap service from the Windows Control Panel interface. There are no adverse effects to disabling this service unless you are running another SNMP solution on the ipMonitor server that requires the Windows SNMP trap service.
Use filters in the SNMP Trap monitor
The Trap Filtering dialog box helps you filter incoming trap PDU information sent to ipMonitor. The SNMP community string acts like a password for SNMP. When ipMonitor receives a trap from an agent, it includes the SNMP community string. If ipMonitor and the agent use the same read-only string, ipMonitor continues filtering traps and progresses to the IP range test.
The SNMP default communities are Private (read-write) and Public (read-only) .
You can use non-default community strings with some SNMP agents to improve the SNMP security model in conjunction with a non-standard SNMP port.
IP address range
For security purposes, traps can be accepted based on a range of IP addresses.
For an IP address range, enter the start and end IP addresses that will be accepted for SNMP Traps. For a single IP address, enter the same start and end IP address.
Filter using the source address from within the SNMP TRAP packet, and not the IP Header To increase the flexibility of the SNMP Trap QA Monitor IP address filtering, two variations are supported. If you select this option, the SNMP Trap QA Monitor will use the IP address specified by the agent in the incoming trap packet to perform its allowed IP address range validation. If you do not select this option, the SNMP trap QA monitor uses the IP address entered in the IP Header.
The incoming Generic Trap field must be one of the predefined SNMPv1 Trap types listed in the following table. See RFC 1157 for details.
|Any||Indicates that any of the Trap types listed below will be accepted.|
|coldStart(0)||Signifies that the sending protocol entity is reinitializing itself. As a result, the agent configuration or protocol entity implementation may be altered.|
|warmStart(1)||Signifies that the sending protocol entity is reinitializing itself. As a result, neither the agent configuration nor the protocol entity implementation is altered.|
|linkDown(2)||Signifies that the sending protocol entity recognizes a failure in one of the communication links represented in the agent configuration.|
|linkUp(3)||Signifies that the sending protocol entity recognizes that one of the communication links represented in the agent configuration is up.|
|authentication-Failure(4)||Signifies that the sending protocol entity is the addressee of a protocol message that is not properly authenticated.|
|egpNeighborLoss(5)||Signifies that an EGP neighbor for whom the sending protocol entity was an EGP peer is marked down and the peer relationship no longer exists.|
|enterprise-Specific(6)||Signifies that the sending protocol entity recognizes that some enterprise-specific event has occurred. The specific-trap field identifies the particular trap that occurred.|
Enter the Object Identifier that identifies the network management subsystem that generated the SNMP Trap. The OID identifies the object's position in a global object registration tree.
To locate OIDs for your applications and equipment, use the ipMonitor database of precompiled MIBs located in the Tools drop-down menu). MIB Information is provided for common Microsoft Windows and hardware applications.
The Custom Database Builder is only available to Licensed ipMonitor customers.
Contact your vendor to acquire MIBs for your various applications and equipment.
Click Get Info to query the ipMonitor built-in SNMP database for details about your OID. Type Information is ideal for determining the type of analysis you can perform in the Analysis of Test Results section.
Click To OID to convert the readable label of the OID path into its standard numerical notation. For example, clicking To OID converts sysUpTime.0 to 188.8.131.52.184.108.40.206.0.
You can specify an Enterprise OID prefix using an asterisk as a wildcard character. For example: 220.127.116.11.4.1.* Anything below the asterisk is accepted. This allows you to configure a single SNMP Trap QA Monitor to accept traps from multiple SNMP-enabled devices or applications.
Enterprise Specific Kind
Use the Enterprise Specific Kind field to isolate vendor-specific problems.
enterpriseSpecific is selected for the Generic Type field, ipMonitor allows you to optionally add one or more Specific Trap Kinds unique to the network management subsystem generating the trap.
To add more specific kinds, click Add > Or for any subsequent entries. This makes it possible to send an alert based on more than one specific kind of trap.