Help banner

SNMP Channel

The SNMP channel allows the logging server to send filtered events to an SNMP management system.

A decoded SNMP trap appears as follows:

The trap values are as follows:

SNMP Version

The trap’s SNMP version. The Nsure Audit SNMP driver sends SNMPv1 traps.

Community

The string, or password, needed to access the SNMP management system.

Command

The SNMP Command. This is always Trap.

Enterprise

The Enterprise that sent the event is always 2.16.840.1.113719.1.347.3.1 .

Network address

The IP address of the logging server that sent the trap.

Generic trap

The Generic Trap field is always 6 (Enterprise specific).

Specific trap

The Specific Trap field always contains the EventID of the event that triggered the trap.

Time Ticks

Time Ticks is always the time the event was sent in seconds since 1970.

Object

The Object of the trap is the Object ID specified in the SNMP Channel object. If no Object ID is specified in the SNMP Channel object configuration, the Nsure Audit internal OID is used (2.16.840.1.113719.1.347.3.1).

Value

The Value associated with the Object is the message configured in the SNMP Channel object.

 

SNMP Channel Driver

At startup, the SNMP driver, lgdsnmp.*, performs a server check; that is, the driver attempts to connect to the designated host at UDP port 162. The server check verifies the driver can actually communicate with the server before it attempts to send SNMP traps. If the server check fails, the SNMP driver refuses to load. This safeguard ensures that no traps are lost due to misconfiguration.

NOTE: The SNMP driver does not buffer traps that are undeliverable due to misconfiguration or a server failure.

The SNMP driver sends SNMPv1 traps.

For information on configuring a SNMP Channel object, see SNMP Channel Configuration.

For information on notification filters, see Creating and Configuring Filters and Event Notifications.

For more information on using Nsure Audit, see Nsure Audit Help.

A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.