cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2294
Views
5
Helpful
11
Replies

Prime Infrastructure 2.1 - Configured from xx.xx.xx.xx by snmp

jmandersson
Level 1
Level 1

Hi,

 

Every time our PI runs through a Discovery jobb, every device sends a %SYS-5-CONFIG_I syslog. What has PI done in config mode on the device and can this behaviour be changed?

In our case, our tool for configuration management triggers on this syslog and fetch the latest config/vlan.dat which caused unnecessary traffic/load on the switches. 

 

Regards,

Johan

1 Accepted Solution

Accepted Solutions

PI 2.2 was just released yesterday and the release notes don't indicate this was a "resolved caveat"

View solution in original post

11 Replies 11

jmandersson
Level 1
Level 1

Found a bug  that matches my description above: CSCuq76894

 

Symptom:
Found that Prime Infrastructure is doing an snmp set on sysLocation during the switch inventory background task. Customers are seeing "Configured from x.x.x.x by snmp" in the device logs.

The snmp set is not changing the sysLocation on the device, however, it is still sending a set.
 

No Known Fixed Release are mentions in the description, but I hope it's fixed in PI2.2

PI 2.2 was just released yesterday and the release notes don't indicate this was a "resolved caveat"

To bad, but I guess there is a chanse it's fixed anyway.

The information in Bug tool is a bit strange: Status: Fixed, Known Affected Releases: 2.1.1, Know Fixed Releases: 0

 

So it's fixed but no known fixed releases :)

Sorry to bear bad news but...

I checked my logs this morning and my PI 2.2 instance is generating the same log entries when it inventories the switches:

000195: Dec 18 22:05:50 EST: %SYS-5-CONFIG_I: Configured from 10.0.9.98 by snmp

PI/admin# sh int GigabitEthernet 0 | i addr
          Link encap:Ethernet  HWaddr 00:50:56:BE:24:85  
          inet addr:10.0.9.98  Bcast:10.0.9.255  Mask:255.255.255.0

Okay, thanks. 

I'l guess I have to take a capture to see if it's CSCUq76894 or something else.

We have customer reporting this issue.

 

I believe cisco feels that if you can just ignore the syslog messages that this means this issue is not an issue.

 

I'm trying to explain cisco TAC, customers have PI to provide information, not noise.

 

Hopefully my message gets through.

I will post here if I get a real fix.

 

Cheers,

 

Michel
 

Thanks for your input!

 

I had a case regarding the problem and this is the answer:
" Bug Id CSCut31699 and will be fixed in version PI 3.0 which is due to be released"

 

 

I had different feedback. Completely ridiculous.

 

"The fix for this bug is to edit the documentation for this bug so the writing you see is the default behavior.

If you feel that this usual behavior is not accepted, please contact your account manager to open a Product Enhancement Request for this issue."

 

I advised my customer to contact his escalation points.

What else can you do.

 

Cheers,

 

Michel

Hi guys,

I have the same question on Prime 3.2 and this behavior is desired and still the same. Basically prime tests if it can write via SNMP to a device by reading the sysLocation and writing the same information back. This is somewhat described here: http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-0/user/guide/pi_ug/update_dev_inventory.html 

"As part of the SNMP read-write credential verification on the device, a log message appears in the managed device indicating there was a configuration change from the IP address of the Prime Infrastructure server during the inventory task."

Haven't found a way to disable this...

Same issue here, except I am using Prime 3.1.

This causes quite a headache for some of my colleagues that use ADSM for firewall management.  It seems that this does trigger a "configuration change" and causes ASDM to want to refresh the config because it believes a config change was made. 

I really wish there was a way to disable this.  It's extremely annoying. 

It might not be possible to stop Prime from running the SNMP write test but it is possible to filter those logs from reaching the local buffer or the syslog server with the help of a logging discriminator.

Give the following confiig a try (my prime was at 10.100.0.155):

              logging discriminator NO_SPAM msg-body drops "Configured from 10.100.0.155 by snmp"

              logging buffered discriminator NO_SPAM 100000 

              logging console discriminator NO_SPAM

              logging monitor discriminator NO_SPAM

              logging host 10.100.0.155 discriminator NO_SPAM

/Mirko

Review Cisco Networking for a $25 gift card