
Translating SNMP Traps into English

Has anyone been able to take a trap and make it actually look like the English Language?  Is this even able to be transformed?

sysUpTime=381 days 17 hours 0 minutes 50.00 seconds

snmpTrapOID=DISMAN-EVENT-MIB:mteTriggerFired

mteHotTrigger=Gi0/0 interface threshold reached

mteHotTargetName=

mteHotContextName=

mteHotOID=DISMAN-EXPRESSION-MIB:expValueUnsigned32Val.9.115.105.110.103.108.101.95.118.102.5.71.105.48.47.48.0.

mteHotValue=99

ifHCInOctets.3=142591331080874

ifHCOutOctets.3=22321230731626

ifHighSpeed.3=100

entPhysicalName.16=Gi0/0

  • Traps are not really supposed to be transformed into something that looks like the English language, they're really designed to be consumed by computers.

    If you read the MIB then it will explain the meaning of various fields. In this case whatever you are monitoring is making use of the RFC event MIB to indicate an interface had gone over a threshold.

    mteHotOID=DISMAN-EXPRESSION-MIB:expValueUnsigned32Val.9.115.105.110.103.108.101.95.118.102.5.71.105.48.47.48.0.

    Grab your ASCII table and decode this as:

    115.105.110.103.108.101.95.118.102 = s i n g l e _ v f 

    71.105.48.47.48. = G i 0 / 0

    I'd have expected the Target and Context name to have been filled in with some useful value.

    Anyway, without knowing anything about what sent in this trap, I'm going to hazard a guess this is some alert from an IPS indicating the bandwidth on a 100Mbps interface Gi0/0 reached 99%?

  • I agree and disagree with you.  I found something in Solarwinds that can make these OIDs English but you do have to pay for it.  It is in the Solarwinds Engineering ToolSet.  Once I have an actual and final answer I will post it so everyone can make use of it and how I changed it to say something that people who did not study SNMP can use.

  • The challenge of SNMP indexes is that they are trap-specific, for example there is nothing that prevents mteHotOID ending with (say) 0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.39.7.252.120.0.0.0.0.101.0.0.0.0.0.26.203

    which might be used for an event caused by an IPv6-related event (for example the number of BGP prefixes exceeding a limit), and in that case has no textual equivalent (it does have an IPv6 equivalent).

    For Internet-standard MIBs especially, one gets into the (various) vendor interpretation of what was intended.
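
The index decoding walked through in the replies above, as an added example that is not part of the original thread: it splits the numeric tail of mteHotOID into readable strings and leaves anything non-textual (such as the IPv6-style index in the last reply) as raw numbers. It assumes each string index is a length followed by that many ASCII codes, which matches the 9 and 5 in front of the two strings in this trap; that is a heuristic, the MIB's INDEX clause is authoritative, and the function names are hypothetical.

```python
def parse_subids(suffix):
    """'9.115.105.' -> [9, 115, 105]; tolerates the trailing dot seen in the trap."""
    return [int(p) for p in suffix.strip(".").split(".") if p]


def decode_index(subids):
    """Split an OID instance suffix into ("text", str) and ("raw", [ints]) parts.

    Heuristic (assumption): a string index is <length>.<ascii>.<ascii>...
    Decoding stops at the first position that does not fit that shape and the
    remainder is returned untouched, so nothing is guessed.
    """
    parts, i = [], 0
    while i < len(subids):
        n = subids[i]
        chunk = subids[i + 1 : i + 1 + n]
        printable = all(32 <= c < 127 for c in chunk)
        if n > 0 and len(chunk) == n and printable:
            parts.append(("text", "".join(chr(c) for c in chunk)))
            i += 1 + n
        else:
            parts.append(("raw", subids[i:]))
            break
    return parts


def describe(varbind_value):
    """'MIB:object.1.2.3.' -> ('MIB:object', decoded index parts)."""
    name, _, suffix = varbind_value.partition(".")
    return name, decode_index(parse_subids(suffix))


# Values copied from the thread: the trap's mteHotOID and the IPv6-style index.
TRAP_OID = ("DISMAN-EXPRESSION-MIB:expValueUnsigned32Val."
            "9.115.105.110.103.108.101.95.118.102.5.71.105.48.47.48.0.")
IPV6_STYLE = ("0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.39.7.252.120."
              "0.0.0.0.101.0.0.0.0.0.26.203")

if __name__ == "__main__":
    name, parts = describe(TRAP_OID)
    print(name, parts)
    print(decode_index(parse_subids(IPV6_STYLE)))
```

A run of numbers can look like a length-prefixed string by coincidence, so treat the "text" parts as a reading aid and confirm against the MIB before alerting on them.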