This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Create Post
RaviK
MVP
MVP
‎12-16-2019 06:39 AM

SNMP Trap Alerts not working for a specific Trap

Jump to solution

We are trying to create an Alert for a specific SNMP Trap

12/16/2019 4:08:09 PM 10.3.7.3 10.3.7.3 CISCO-PORT-SECURITY-MIB:cpsSecureMacAddrViolation

sysUpTime=4 days 1 hour 4 minutes 49.92 seconds

snmpTrapOID=CISCO-PORT-SECURITY-MIB:cpsSecureMacAddrViolation

ifIndex.10509=10509

ifName.10509=FastEthernet2/0/8

cpsIfSecureLastMacAddress.10509=74E6.E237.88D3

We see the Trap in the Web Console.

Can anyone help with creating an Alert based on the above information and include the Interface Name : FastEthernet2/0/8 and the Last Mac Address 74E6.E237.88D3 in the email alert?

Thanks in advance for the help

gangadhar.kdefieguyabdhijasharmasagar.b99kushalshrilesha.dabade

Labels (1)
Reply
1 Solution
RaviK
MVP
MVP
‎12-18-2019 10:28 PM

Jump to solution

After extensive troubleshooting we identified that our Poller had to be whitelisted in the email server. The TrapViewer configuration was alright.  

Just added this to our checklist of creating trap based alerts

View solution in original post

Reply
5 Replies
RaviK
MVP
MVP
‎12-18-2019 10:28 PM

Jump to solution

After extensive troubleshooting we identified that our Poller had to be whitelisted in the email server. The TrapViewer configuration was alright.  

Just added this to our checklist of creating trap based alerts

View solution in original post

Reply
RaviK
MVP
MVP
‎12-18-2019 03:28 AM

Jump to solution

We are using the TrapViewer.exe from the Orion server

0 Kudos
Reply
superfly
MVP
MVP
‎12-16-2019 11:18 PM

Jump to solution

Go into Alerts & Activity and select Traps.

Select Configure Rules.

Select Traps (on left hand side) and My Custom Rules.

Click on Create New Rule

configure the rule to look for trap ID or whatever

Fill out rule actions as follows

pastedImage_0.png

Save it.

Then go to the Alert you've just created and fill in the Trigger Actions to send an email.

In the email body include the following.

${N=OLM.AlertingMacros;M=OLMAlertMessage.EventMessage}

Reply
gangadhar.k
Level 10
In response to superfly
‎12-18-2019 01:09 AM

Jump to solution

I think above steps are applicable for Log analyzer.

We don't have log analyzer.

0 Kudos
Reply
rfroembgen
Level 11
In response to gangadhar.k
‎12-18-2019 03:00 AM

Jump to solution

Which Version are you running? This feature superfly99​ mentioned is also included in the basic version of log analyzer. So no additional costs required. But be aware that if you do an upgrade and want to use the log analyzer you need a separate SQL database in version MS SQL 2016 SP1 or later (you could also place it on the same Instance as your Oriondatabase, but i would not recommend that). And also a very important note if you do you use the legacy SNMP / Syslog Viewer, none of your created processing rules are migrated to the new version, so you have re-create them!

Best Regards

Rene

0 Kudos
Reply

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification SolarWinds Lab
About THWACK Blogs Federal & Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
© 2021 SolarWinds Worldwide, LLC. All Rights Reserved.