Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1134
Views
15
Helpful
5
Replies

Looking for a list of trap messages per event sent to the NCM

p.mchenry1@snhu.edu
Level 1
Level 1

‎05-17-2022 09:28 AM

Hi,

 

I am trying to find  list of trap messages I should expect from certain Cisco products for creating alerts based on the incoming trap message. If I don't know the expected trap message for.....say a BGP. OSPF, EIGRP neighbor down, Power Supply down and so on... I can't filter the message and create the alert. Is there documentation of trap messages sent per incident and per model that I could use for this sort of information? I understand I could create a lab with the devices we have in prod, but we don't have extras for this purpose.

 

Than you, Pat

Labels:
0 Helpful
5 Replies 5

Flavio Miranda
VIP
VIP

‎05-17-2022 01:16 PM

Hi

 This doc have a lot of information but not sure if that you want.

 

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/command/nm-snmp-cr-book/nm-snmp-cr-s4.html#wp2196686831 

 

But, wouldn´t  take much effort if you build a Lab in GNS3 with  some routers and switch just to see how traps looks like. If you want to parse information, there´s nothing better then handle it in a lab.

 

p.mchenry1@snhu.edu
Level 1
Level 1
In response to Flavio Miranda

‎05-18-2022 06:20 AM

Thanks Flavio - I've had GNS3 labs in the past and they have been very helpful - I was hoping there might be an easier way to do it...a list showing a particular event that might happen on a particular device and the trap message my NCM would get. Then I could have filters in place to catch them for alerting. I have several configured already based on trap messages I have received, but messages I have not received, I don't know what I am looking for so can not filter on them.

 

-Pat

0 Helpful

Dan Frey
Cisco Employee
Cisco Employee

‎05-17-2022 02:26 PM

The mib files are self documenting and if you have net-snmp installed you can test.  For instance take IF-MIB and IF-MIB.traps files.  Download the mib files to your local machine.

[root@CrashCart mibs]# more IF-MIB.traps 
### THIS FILE WAS GENERATED BY MIB2SCHEMA

enterprise 1.3.6.1.6.3.1.1.5
	2 linkDown
	3 linkUp

Look for these two notifications in IF-MIB file

linkDown NOTIFICATION-TYPE
    OBJECTS { ifIndex, ifAdminStatus, ifOperStatus 

linkUp NOTIFICATION-TYPE
    OBJECTS { ifIndex, ifAdminStatus, ifOperStatus }

There are three varbinds associated with each trap that are documented in IF-MIB and the value type (SYNTAX) for each varbind.

ifIndex OBJECT-TYPE
    SYNTAX      InterfaceIndex

ifOperStatus OBJECT-TYPE
    SYNTAX  INTEGER {
                up(1),        -- ready to pass packets
                down(2),
                testing(3),   -- in some test mode
                unknown(4),   -- status can not be determined
                              -- for some reason.
                dormant(5),
                notPresent(6),    -- some component is missing
                lowerLayerDown(7) -- down due to state of
                                  -- lower-layer interface(s)
            }
ifAdminStatus OBJECT-TYPE
    SYNTAX  INTEGER {
                up(1),       -- ready to pass packets
                down(2),
                testing(3)   -- in some test mode
            }

We have all the information required in order to make a snmptrap in net-snmp tool.

[root@CrashCart mibwork]# snmptrap -v 2c -c public localhost '' IF-MIB::linkUp ifIndex i 1 ifAdminStatus i 1 ifOperStatus i 1 2>/dev/null

Start the snmptrap daemon before sending the trap in the command above.   Send the command above to send to the trap daemon on the localhost.

snmptrapd -M /home/dafrey/.snmp/mibs -m +ALL -f -Le -F "%#04.4y/%#02.2m/%#02.2l - %#02.2h:%#02.2j:%#02.2k TRAP: %w.%q from %A\n\t%b - %B, %P\n\t%V\n\t%v\n\n" 
NET-SNMP version 5.7.2
2022/05/17 - 21:24:30 TRAP: 0.0 from 0.0.0.0
	UDP: [127.0.0.1]:39825->[127.0.0.1]:162 - localhost, TRAP2, SNMP v2c, community public
	DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (503032851) 58 days, 5:18:48.51
	SNMPv2-MIB::snmpTrapOID.0 = OID: IF-MIB::linkUp
	IF-MIB::ifIndex = INTEGER: 1
	IF-MIB::ifAdminStatus = INTEGER: up(1)
	IF-MIB::ifOperStatus = INTEGER: up(1)

p.mchenry1@snhu.edu
Level 1
Level 1
In response to Dan Frey

‎05-18-2022 06:26 AM

Thank you for the detailed response Dan...

 

"The mib files are self documenting and if you have net-snmp installed you can test.  For instance take IF-MIB and IF-MIB.traps files.  Download the mib files to your local machine."

 

I'm assuming this is a linux box? So I'd need a Linux box, download net-snmp, then download mib-files and then test? Can I download MIB files particular to a device or are MIB files the same no matter the Cisco platform?

 

Thank you

 

0 Helpful

Dan Frey
Cisco Employee
Cisco Employee
In response to p.mchenry1@snhu.edu

‎05-18-2022 07:01 AM

Yes, it is a linux machine, download net-snmp and mib files.   Most MIBS are not built for specific platforms and are common across most platforms.   MIB2 is common across most platforms and vendors, and there are other mibs that are vendor specific.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card