You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Overview

This article will provide a methodology for adding SNMP trap parsing to EventParserRules.

Define The Traps that Will Be Processed

The customer should provide a list of SNMP traps that they require be processed by opEvents. 

Correlate Events Into Stateful Pairs

For this discussion we will assume that the concept of 'state' is important to the customer.  If there is a down event, there should be a corresponding up event.  It is possible that several down events could share a single up or clearing event.

Create Parser Rules

opEvents will process the trap log file as specified on opCommon.nmis.  When parsing the traps the following properties should be extracted.

  • date
  • host
  • trap
  • details
  • event
  • element
  • stateful
  • state
  • priority

The install version of EventParserRules.nmis has a traplog section that will extract the date, host, trap and details fields for most situations.  This article will focus on situations where customers want customization for the remaining fields.

 

 

  • No labels