This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Can solarwinds receive SMTP alerts as well as SNMP traps?

Hi,

In the environment I am supporting we have some custom applications that only support sending of e-mail alerts instead of SNMP traps. We are currently integrating NPM and SAM for the whole environment, but would like Solarwinds to be able to receive the SMTP alerts as part of it's monitoring. We have been unable to find a product or feature that will do this, but think it's probably something that some one has needed before. The Vendors of these applications have presented a proposal to build a translator service that will forward the e-mail alerts as traps, but this is customised code that needs to be written by each Vendor with an added support and maintenance cost. Before we engage these Vendors to create these translator services I am interested to know if anyone has a better solution, or if a Solardwinds feature like Orion Alert Manager can indeed do this?

I'm a newbie to Solarwinds and don't have access to the product. My question is more from a technical architecture point of view.

Thanks in advance for any advice.

Cheers,

Jeremy

  • Hi Jeremy

    In SAM, you can setup an custom script monitor that will monitor a mailbox and lookout for emails with specific subject lines when such an email is received various actions can be performed with advanced alert manager. There should be many scripts available in the internet which show how to monitor mailboxes for emails



    -Ram Esakky

  • Jeremy, in addition to what Ram Esakky stated...  Orion NPM can indeed receive SNMP traps from the managed nodes.  That is, provided that the nodes have been configured not only to accept SNMP queries from the SolarWinds servers/pollers...  The nodes must also be configured to send SNMP traps to any of the SW servers/pollers in your environment.  By the way, just to clarify... We use syslog-based alerting in our environment, and do not use SNMP traps.  So, while I cannot speak from experience, I know that the functionality is there.  We have just decided to use syslog alerts instead.  Still, the SNMP viewer is almost identical as the Syslog viewer, so you should have no problem setting up alerts based on SNMP traps.

    Best wishes.

  • Hi Ram,

    Unfortunately we don't have a mail server such as Exchange deployed in this isolated environment. However, if we installed the Windows 2008 R2 SMTP Server Role with the addition of something like the Visendo SMTP Extender Community ( SMTP Extender 10 - Making POP3 & SMTP Server work with windows server 2008), I guess we could run a custom SAM script against a POP3 mailbox. Do you think that could be a valid solution?

    Cheers,

    Jeremy

  • Since having your product create a trap would still necessitate loading the MIB on the Solarwinds server to interpret the trap, this is probably not the right way to go. How about Syslog? There are several free/cheap tools that will take an incoming message (or text written to a log file, or whatever) and convert it to syslog which is more freeform, and then SolarWinds could receive and interperet THAT instead.

    Another alternative is to have the vendor's product write to a log file on that system, and have Solarwinds monitor the log file.

    There are a number of other options, before you resort to SNMP Alerts (whatever that means. SNMP really only has polling and traps, as far as I know).

  • aside: SWO doesn't need the MIB to be loaded to interpret the SNMP traps; we use SNMP traps internally and it works fairly well.

    Fortunately since the Trap receiver doesn't interpret received trap mibs correctly anyway, it's useful that it doesn't rely on the MIB to decode the trap.

    1.3.6.1.4.1.150.16000.1.0.1 snmpTrapEnterprise = 1.3.6.1.4.1.1​50.16000.1
    experimental.1057.1.0 = a.b.c.d
    sysUpTime = 1.00 second
    snmpTrapOID = 1.3.6.1.4.1.1​50.16000.1.0.1
    unknown = unknown
    unknown = unknown
    unknown = unknown
    unknown = unknown

    it looks to me like the the 10.5 UI messes up -- I believe in 10.3 the UI used to display the oidname as enterprises.150.16000.1.1 etc.. and the OidValue as received (the values are still in the database correctly). SNMP uses type-length-value encoding, so even if you do not know the MIB the receiver should be able to grok strings, numbers, etc.


    SNMPv3 has informs (acknowledged traps); SWO doesn't support SNMPv3 informs or traps.


    /RjL

  • What about adding Alert Central to the environment?  It can monitor a mailbox via  POP, IMAP or EWS.  You can have it parse the email and forward it as an alert to the appropriate party.

    Are these applications on  Windows servers?

  • Alert Central is not what we need, as all "alerts" and "traps" need to be managed by Orion for complete reporting. Thanks anyway.

  • I like the syslog option. I will look into that. Thanks adatole.

    Cheers,

    Jeremy