Simulating snmp traps events to Solarwinds

Our Solarwinds admin guy said he can't set up rules unless a sample event is sent to solarwinds.

We have about 70 events from an app : so far the apps team only could get someone to login/logoff
to simulate once such event but for the other 69 events, need to do reboot etc which they can't
unless there's downtime.

Attached is the full list of snmp events our apps team gave to me.

I'm wondering :

a) what exactly our solarwinds admin is expecting or hinders him from creating rules?  He's
    elusive & extremely busy (ie no time to show me)

b) are there free tools like snmpwalk etc which I could trigger sample events?

I'm sure Cisco devices & Windows events which are currently sent to the solarwinds will
go through the same process to be monitored but really doubt the network chaps will
send the 100+ Cisco event types to Solarwinds for them to be monitored.
SAA-Event-Distribution-Snmp.XLSX
sunhuxAsked:
Who is Participating?
 
btanConnect With a Mentor Exec ConsultantCommented:
It seems to be writing a SIEM rule as compared to SNMP traps. The latter should be straightforward such that it just need to know what sort of traps to configure to be received by Solarwind.
http://www.solarwinds.com/documentation/en/flarehelp/ncm/content/core-monitoring-snmp-traps-sw593.htm

So let say it is to set SNMP Trap, then OID and action to take is important. I am not so certain that you really need a sample as it is complicating a simple rule format like this and as long as details of such is defined then sample is not necessary
General
Filter on IP Addresses

DNS Hostname
Filter on DNS Hostname using RegEx

Trap Details
Filter on Trap Type using RegEx

Community String
Filter on SNMP Community String using RegEx

Conditions
Filter on SNMP OID using Boolean operators

Time of Day
Filter on Time of Day

Trigger Thresholds
Allows you to set suppression rules

Alert Actions
This tab allows you to set a action for this rule. The actions are executed in the listed order
https://support.solarwinds.com/Success_Center/Network_Performance_Monitor_(NPM)/Create_a_Trap_Rule

But if the sample is syslog message instead of traps then it should be alluding to SIEM rule and not trap rule. Search for syslog rule ti show the section of this
Configuring Syslog Viewer Filters and Alerts

The Syslog Viewer can be configured to signal Orion alert actions when Syslog messages that are received from network devices match defined rules. The steps in the following procedure establish rules that filter Syslog messages and initiate alert actions as you determine.
Configure alerts and filters for either syslog or trap messages.


For Syslog Messages: Click View > Alerts/Filter Rules in the Syslog Viewer (SolarWinds Orion > Syslog and SNMP Traps), check NCM Rule: Cisco IOS Realtime Change Notifications, and click OK.


For Trap Messages: Click View > Alerts/Filter Rules in the Trap Viewer (SolarWinds Orion > Syslog and SNMP Traps), setup your rule and filters, and click OK.

Note: SolarWinds does not include a pre-defined rule with filters for trap messages since we strongly recommend using the syslog option instead.
http://www.solarwinds.com/NetPerfMon/SolarWinds/wwhelp/wwhimpl/js/html/wwhelp.htm#href=OrionAdministratorGuide.1.221.htm&CMPSource=THW&CMP=REFDOM
0
 
Scott TownsendConnect With a Mentor IT DirectorCommented:
If you know the specifics of the Trap that you want to generate you can use http://trapgen.trapreceiver.com to generate them.

We had a Demo of a device that required SNMP traps to be sent to it for it to work. so we use the TrapGen in a Batch file to create the type of traps that the device needed to work for the Demo.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.