Syslog from secondary node IP's
Mar 16, 2010 10:34 AM
Mar 16, 2010 10:34 AM
-
Re: Syslog from secondary node IP's
If it's a cisco device make sure the nodes are in NPM based on loopback address usually loopback0 and then add the following:
logging trap debugging
logging facility syslog
logging source-interface Loopback0
logging xxx.xxx.xxx.xxx <--- put your NPM servers IP here-
Re: Syslog from secondary node IP's
I also add the following:
snmp-server community xxxx RO 98
snmp-server community xxxx RW 98
snmp-server ifindex persist
snmp-server location xxxxx
snmp-server contact xxxxx
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps bgp
snmp-server enable traps config
snmp-server enable traps syslog
snmp ifmib ifindex persist-
Re: Syslog from secondary node IP's
byrona
Mar 16, 2010 11:47 AM
In the event of an edge case where I am unable to configure things this way is there anyway to solve this problem?
This makes me curious why Orion doesn't associate IP's with the other interfaces it discovers on nodes, it seems it would be beneficial to do so.
-
Re: Syslog from secondary node IP's
Hi Byrona,
It's definitely best to configure your devices for source interfaces, but in the event you can't - just add ICMP Only or External Nodes with the IP address in question.
Not the best solution. - but I've done it with externally managed devices that might use HSRP or VRRP.
- v
-
Re: Syslog from secondary node IP's
I've got a SQL script that pulls IPs/masks from NCM to NPM interfaces to custom properties to populate on map for live documenting, but i see what you're saying where traps/syslog sourced from one of those aren't associated with the node itself...
I think this is a feature request or something SW has to comment on...
-
-
-
-
-
Re: Syslog from secondary node IP's
typically that is why management systems best practices say to use loopback addresses (never go down) and you configure your devices to source SNMP and syslog from the loopback.
-
Re: Syslog from secondary node IP's
Yes,
Our solution is to discover or change the ip address(in solarwinds) of the offending node to the ip address that the syslog message is coming from.
This should do it.
-
Re: Syslog from secondary node IP's
Totally agree with best practice of using loopback0 for all sources (logging, snmp, tacacs etc) for consistency. However that aside, Orion is not YET capable of being aware of a router with multiple IP addresses and aware of network reachability (ie: hsrp) hence one of the main reasons some companies are hesitant to pack up their Openview NNM systems just yet.
-
Re: Syslog from secondary node IP's
You can do what viol8tor suggested and add those extra HSRP IP's as ICMP only nodes so you at least monitor the up/down status of them.
-
Re: Syslog from secondary node IP's
We're also struggling with this issue. Without seeing the IPs associated with the interface, we've resorted to monitoring each interface as a seperate node. The suggestion to add them as ICMP only nodes is a small step better, but not much. Adding it as another SNMP node as we did in the past also has issues with being imported into NCM multiple times if you're not careful. I haven't tried the ICMP node setup yet- does anyone know whether NCM tries to import these?
Since a router has both physical and logical "up/down" states, it's problematic to monitor the interface at only the physical level: the router could have problems at layer 3 without ever losing the physical connection.
We really need to see this enhancement.
-
-
Re: Syslog from secondary node IP's
Hi bryron--
Not sure but this may be a feature that NPM dev is working on for the next release. See this If you're curious as to what we're working on..., look under Syslog and Traps, Items 6 and 8.
Let me know if this helps.
M
-
Re: Syslog from secondary node IP's
byrona
Mar 17, 2010 3:28 PM
Hi bryron--
Not sure but this may be a feature that NPM dev is working on for the next release. See this If you're curious as to what we're working on..., look under Syslog and Traps, Items 6 and 8.
Let me know if this helps.
M
No, this doesn't seem to be covered.
With most NMS's that I have worked with, they will discover all of the IP's associated with the different interfaces on a device. Orion already comes three quarters of the way there by discovering the different interfaces associated with a device, associating their MAC address and giving you the option to monitor them; the only thing it isn't doing is grabbing the IP addess and associating that as well.
I am curious why the development team didn't take that last step since this is what just about every other NMS does.
-
Re: Syslog from secondary node IP's
I have to agree with byron here... why would you not show the associated IP's with the interfaces listed on node details for a device??? An example is on a router with say 8 interfaces... why under the routers nodes detail where interfaces are listed would you list the port and description but not show the IP assigned to it??? Is there are reason for this???
EDIT:
I end up having to ssh to the router sometime when I'm in a rush to check an Interfaces IP since NPM won't show it under node details. You would think it might show the IP and mask for each interface...
-
Re: Syslog from secondary node IP's
Hi Bill and Byron--
I'll mark this for development and the PM and see what they have to say.
M
-
Re: Syslog from secondary node IP's
Thanks Marie I think everyone would like to see the IP's and subnet mask associated with each interface on their routers under node details. I wouldn't think this would be too complicated to add under node details and as you can see from the thread some people have done this themselves (njoylif) with custom properties.
Best Regards,
Bill
-
Re: Syslog from secondary node IP's
bshopp
Apr 6, 2010 8:12 PM
Got it and makes sense, thanks for the feedback
-
-
-
-
-
-
-
Re: Syslog from secondary node IP's
In many cases our nodes have more than one IP associated with them, however; Orion only seems to be aware of a a single IP per node.
I created a new resource that displays messages from all addresses of node. Syslog from related node IP's