Simple network management protocol (SNMP) is a widely used network monitoring protocol that helps you to monitor remote devices that are connected via SNMP.
The architecture of SNMP includes three components: SNMP manager, managed device and SNMP agent.
Traps are cryptic messages that are sent from the agent on the monitored device to the SNMP manager when a fault/network issue occurs in the device. The SNMP manager (monitoring server) in turn converts the trap into an alarm to notify the user. In short, a trap is sent immediately when something goes wrong in the monitored device.
For example, let us consider a printer that is remotely monitored by OpManager (SNMP Manager) using its SNMP monitoring feature. When an error occurs, say a paper jam issue, a trap is instantly generated in the printer and sent to OpManager, which in turn converts it into an alarm to notify the user.
The data inside a trap is in the form of an object identifier (OID) value-pair and each value pair is called as a variable binding (varbind). The traps received are in a non-human-readable format and we process traps to convert this information into meaningful and human readable data.
The OID value associated with each trap is unique. This means that each metric that is monitored (for eg: Paper Jam, Door Open) will have a different OID in order to distinguish the traps.
Traps received in OpManager's SNMP trap monitor for faults/network issues/threshold violations will be converted into alarms to notify the IT admin.
While adding a Trap Processor, users can define the Match Criteria. The match criteria defines the varbind values, if the values match with the data inside the incoming trap OID, then an alarm will be raised. This alarm is generally called a Trap Alarm.
The Rearm criteria is defined to clear the alarm. When the varbind values of the incoming trap OID matches with the rearm criteria, then the alarm is cleared.
Navigate to Alarms --> Trap Alarms to view the list of trap alarms for devices.
Pre-requisite
In order to receive and process traps in OpManager, a user should configure the OpManager installed server as the trap destination in the monitored device.
Before processing traps, a user should enable trap processing in OpManager and complete the basic configurations.
Users can use OpManager to receive traps from an end device and process them in 3 different ways.
Following are the steps to load the traps from various MIBs:
A Processor for the selected trap will be added, and will be listed.
1. Navigate to Settings--> Monitoring --> SNMP Trap Processors. Hover the cursor over the Actions tab and click on Add.
2. Choose the SNMP version - SNMP v1/ SNMP v2c/v3 and enter the Name and Description.
Note: When you use SNMP v3 to monitor a device and receive traps, please ensure that the same credentials are used for device monitoring and the traps.
3. If you choose SNMP v1, then choose the Generic Type from the drop down. OpManager supports the following types of traps for SNMP v1.
4. Enter the Trap OID (monitoring parameter) and the Severity of the alarm for that trap.
5. Enter the details of Failure Component. The failure component represents the metrics that are monitored in a source device and is used to limit the number of trap processors. For example, OpManager monitors the CPU utilization and the Fan status of a remote device, and the agent on the device sends a trap for high CPU utilization and another trap to notify Fan failure status. Because both these traps are from the same source device, OpManager will combine these two traps and consider them a single entity to limit the number of trap processors.
6. Enter the Source, which is the device from which the trap is received. The trap alarm will be mapped to this device.
7. Enter the Message. The content in the Message field contains the description for the created trap alarm.
8. Choose the Match Criteria protocol - AND/OR. Then choose the number of Varbinds and enter the corresponding Match Value. An alarm will be generated only when this value is matched with incoming trap. In the same way, enter the Rearm Criteria details. When the varbind values of the received trap matches with the varbind values configured for the Rearm Criteria the alarm raised for the trap will be cleared.
You can perform the following actions with the alarms raised for traps.
The Notification Profile in OpManager provides a variety of options to handle the alarms. While primarily it is used to send the alarm details via email/SMS to the IT admins, it can be used to perform other actions like logging a ticket or running a program. This helps IT admins to monitor devices remotely and receive notifications on network issues.
Remote network monitoring is further simplified with OpManager's mobile application which is available for iOS and android users. Using the app you can get instant push notifications on device down status, faults and other performance degradation issues, so that you never miss an alert.
You can execute a saved workflow on a trap alarm. For example, you can raise a critical trap alarm as a ticket in desk applications like ServiceDesk Plus or ServiceNow to rectify the fault quickly.
For every alarm that is raised you can perform the following actions: Acknowledge, Unacknowledge, Clear and Delete.
But when IT admins fail to attend an alarm for a long time, the update can be escalated by configuring the Alarm Escalation Rule and the unattended alarm details can be sent to the concerned team members via SMS and email.
Thank you for your feedback!