cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
MVP
MVP

SNMP Trap Alerts not working for a specific Trap

Jump to solution

We are trying to create an Alert for a specific SNMP Trap

12/16/2019 4:08:09 PM 10.3.7.3 10.3.7.3 CISCO-PORT-SECURITY-MIB:cpsSecureMacAddrViolation

sysUpTime=4 days 1 hour 4 minutes 49.92 seconds

snmpTrapOID=CISCO-PORT-SECURITY-MIB:cpsSecureMacAddrViolation

ifIndex.10509=10509

ifName.10509=FastEthernet2/0/8

cpsIfSecureLastMacAddress.10509=74E6.E237.88D3

We see the Trap in the Web Console.

Can anyone help with creating an Alert based on the above information and include the Interface Name : FastEthernet2/0/8 and the Last Mac Address 74E6.E237.88D3 in the email alert?

Thanks in advance for the help

gangadhar.kdefieguyabdhijasharmasagar.b99kushalshrilesha.dabade

Labels (1)
1 Solution
MVP
MVP

After extensive troubleshooting we identified that our Poller had to be whitelisted in the email server. The TrapViewer configuration was alright.  

Just added this to our checklist of creating trap based alerts

View solution in original post

5 Replies
MVP
MVP

After extensive troubleshooting we identified that our Poller had to be whitelisted in the email server. The TrapViewer configuration was alright.  

Just added this to our checklist of creating trap based alerts

View solution in original post

MVP
MVP

We are using the TrapViewer.exe from the Orion server

0 Kudos

Go into Alerts & Activity and select Traps.

Select Configure Rules.

Select Traps (on left hand side) and My Custom Rules.

Click on Create New Rule

configure the rule to look for trap ID or whatever

Fill out rule actions as follows

pastedImage_0.png

Save it.

Then go to the Alert you've just created and fill in the Trigger Actions to send an email.

In the email body include the following.

${N=OLM.AlertingMacros;M=OLMAlertMessage.EventMessage}

I think above steps are applicable for Log analyzer.

We don't have log analyzer.

0 Kudos

Which Version are you running? This feature superfly99​ mentioned is also included in the basic version of log analyzer. So no additional costs required. But be aware that if you do an upgrade and want to use the log analyzer you need a separate SQL database in version MS SQL 2016 SP1 or later (you could also place it on the same Instance as your Oriondatabase, but i would not recommend that). And also a very important note if you do you use the legacy SNMP / Syslog Viewer, none of your created processing rules are migrated to the new version, so you have re-create them!

Best Regards

Rene

0 Kudos