GroundWork Monitor uses SNMP trap translator (SNMPTT) to parse incoming SNMP traps and format them in a human readable fashion for display in alarms and the web interface. It also allows for customizing the severities of each trap based on customer requirements.
SNMP Trap Translator (SNMPTT) is an SNMP trap handler written in Perl for use with the Net-SNMP / UCD-SNMP snmptrapd program. SNMPTT supports Linux, UNIX and Windows.
Many network devices including but not limited to network switches, routers, remote access servers, UPSs, printers and operating systems such as UNIX and Windows NT have the ability to send notifications to an SNMP manager running on a network management station. The notifications can be either SNMP Traps, or SNMP Inform messages.
The notification can contain a wide array of information such as port failures, link failures, access violations, power outages, paper jams, hard drive failures etc. The MIB (Management Information Base) available from the vendor determines the notifications supported by each device.
The MIB file contains TRAP-TYPE (SMIv1) or NOTIFICATION-TYPE (SMIv2) definitions, which define the variables that are passed to the management station when a particular event occurs.
The Net-SNMP program snmptrapd is an application that receives and logs SNMP trap and inform messages via TCP/IP.
Following is a sample syslog entry for a Compaq cpqDa3LogDrvStatusChange trap that notifies that the drive array is rebuilding:
The output from snmptrapd can be changed via the -O option to display numeric or symbolic OIDs and other display options, but it generally follows the format of variable name = value, variable name = value etc.
A more descriptive / friendly trap message can be created using SNMPTT's variable substitution. Following is the same trap, logged with SNMPTT:
The definition for the cpqDa3LogDrvStatusChange trap in the SNMPTT configuration file would be defined as follows:
The $3 represents the third variable as defined in the MIB file, which for this particular trap, is the cpqDaLogDrvStatus variable.
Another example of an SNMPTT configuration entry is:
Which could result in the following output:
SNMPTT can log to any of the following destinations: text log, syslog, NT Event log or a SQL database. External programs can also be run to pass the translated trap to an email client, paging software, Nagios etc.
In addition to variable substitution, SNMPTT allows complex configurations allowing:
- The ability to accept or reject a trap based on the host name, ip address, network range, or variable values inside of the trap enterprise variables.
- Execute external programs to send pages, emails etc.
- Perform regular expression search and replace on the translated message such as translating the variable value "Building alarm 4" to "Moisture detection alarm".