Discovery apps are one reason I'd normally turn off any authentication traps on any device, at least by default. Interestingly, the trap was being generated because a different PC, running HP OpenView Network Node Manager (NNM) was trying to discover devices but used an incorrect community string when talking to the HP switch. We are asking HP to help us turn off this specialized trap. However, we had used the CLI of the HP switch to turn OFF authentication trap sending, but that of course does not affect other than standard authentication traps. In our case, we had configured a trap destination in the HP switch so it would send traps to a pc running snmptrapd -Le (or something close to that, from memory). We could see the source ip in snmptrapd.exe (part of net-snmp - see ). For example, you might want NNMi to dampen an incident based on a particular status change notification trap and participation within a specified Node Group or. In our case, we could see something very enterprise specific (check the OID of the trap itself in whatever tool is showing you the trap that arrived). Examples of the type of data that can be used as a Payload Filter include SNMP trap varbind names and values as well as Management Event CIA (Custom Incident Attribute) names and values. That sounds similar to a situation we've experienced where an HP ProCurve switch (3400/6400) will send out what looks like an authentication trap, but it is a specialized one.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |