sunhux
asked on
Sending SNMP trap events to an SMTP/Exchange & SolarWind
We have apps that send alerts out via SNMP (think it's v2 SNMP): is there any way these
events are sent to an SMTP server (we use Exchange) or to SolarWind (our monitoring tool)?
If sent to SolarWind, we want to be alerted via email or SMS.
Our apps read the events from a custom Oracle DB (from a SWIFT application).
We have Splunk SIEM being deployed but not ready yet so wanted to use the other 2 options 1st.
ASKER
One last query: the SNMP trap when converted to email has very lengthy content.
Is there any way to shorten it to just the 3 lines indicated below by <== leaving out
the rest of the lines in the email ?
17/11/2017 11:22 AM : SNMPv2-SMI:enterprises.18494.2.0.1 SNMP Trap
Received Time:17/11/2017 11:22:45 AM <==
Source:10.4.x.y (hostname of server) <==
Community:MYB2beR0
Variable Bindings
enterprises.18494.2.1.1:= ACCESS_TEST
enterprises.18494.2.1.2:= 17/11/2017
enterprises.18494.2.1.3:= 11:22:19
enterprises.18494.2.1.4:= BSA
enterprises.18494.2.1.5:= 3000
enterprises.18494.2.1.6:= Info
enterprises.18494.2.1.7:= Operator
enterprises.18494.2.1.8:= Successful signon
enterprises.18494.2.1.9:= Operator LSO : Left security, Locally authenticated - successfully signed on to the terminal '10.4.x.y@3' at 11:22 using 'Alliance Web Platform' <==
snmpTrapOID:= SNMPv2-SMI:enterprises.18494.2.0.1 (1.3.6.1.4.1.18494.2.0.1)
sysUpTime:= 0.01 second (1)
experimental.1057.1.0:= 10.4.x.y
snmpTrapEnterprise:= SNMPv2-SMI:enterprises.18494.2 (1.3.6.1.4.1.18494.2)
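One way to reduce the trap text quoted above to the three marked lines, as an added example that is not part of the original thread: a Python filter that keeps an allow-list of fields, which also leaves the community string out of the email. It assumes the trap text reaches a script before it is mailed; `shorten_trap`, the output labels and the sample community value are constructed for illustration.

```python
import re

# Constructed sample, modelled on the trap text quoted in the post above.
SAMPLE_TRAP = """\
17/11/2017 11:22 AM : SNMPv2-SMI:enterprises.18494.2.0.1 SNMP Trap
Received Time:17/11/2017 11:22:45 AM
Source:10.4.x.y (hostname of server)
Community:EXAMPLE-COMMUNITY
Variable Bindings
enterprises.18494.2.1.1:= ACCESS_TEST
enterprises.18494.2.1.8:= Successful signon
enterprises.18494.2.1.9:= Operator LSO : Left security, Locally authenticated - successfully signed on to the terminal '10.4.x.y@3' at 11:22 using 'Alliance Web Platform'
snmpTrapOID:= SNMPv2-SMI:enterprises.18494.2.0.1 (1.3.6.1.4.1.18494.2.0.1)
sysUpTime:= 0.01 second (1)
"""

# Allow-list of fields to keep: (label used in the output, pattern for the line).
KEEP = [
    ("Received Time", re.compile(r"^Received Time\s*:\s*(.*)$")),
    ("Source", re.compile(r"^Source\s*:\s*(.*)$")),
    ("Message", re.compile(r"^enterprises\.18494\.2\.1\.9\s*:=\s*(.*)$")),
]

def shorten_trap(text):
    """Return only the allow-listed fields, in KEEP order, one per line."""
    found = {}
    for raw in text.splitlines():
        # Tolerate the "<==" markers the post uses to flag the wanted lines.
        line = re.sub(r"\s*<==\s*$", "", raw.strip())
        for label, pattern in KEEP:
            m = pattern.match(line)
            if m and label not in found:
                found[label] = m.group(1).strip()
    missing = [label for label, _ in KEEP if label not in found]
    if missing:
        # Fail loudly rather than mail a silently incomplete alert.
        raise ValueError("trap text lacks: " + ", ".join(missing))
    return "\n".join(f"{label}: {found[label]}" for label, _ in KEEP)

if __name__ == "__main__":
    print(shorten_trap(SAMPLE_TRAP))
```

Because the filter is an allow-list, any field not named in `KEEP` (including `Community`) never reaches the mail body, even if the trap format gains new lines later.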