DX NetOps

So I have a situation I can't quite figure out how to write a test for an was wondering if anyone could help...

I have a situation when a device changes state, however I don't care what the state is, just that it has changed (It could be active to standby or standby to active).  To compound the fact, this is a Display String.  I tried an EoC, but need to apply a threshold to it for alarm.  I don't care which state it's in, only that it has changed state:

state = "active"

Changed to "standby"

Alarm...

and

state = "active"

changed to "standby"

Alarm.

Anyone have any insight on how I might do this?  Applying a threshold to the variable on an EoC won't work because I don't know what the previous state was and I really don't care, only that it changed.  I can't throw an event or a alarm without applying a threshold, so I'm not sure what that threshold should be since it can be either state, it's really dependent on the previous state.  I did change the variable in the database to be database, memory and polled, but I'm stuck on how to produce this alarm.

        Thanks

             David

David,

What is the exact Spectrum attribute you are trying to use for this?

Joe

In this case its in CHECKPOINT-MIB.  It's specifically the Hastate variable.  I need to know when either or both of the firewalls transition there state.  We've had a number of firewalls transition state due to errors as of late, and I'm trying to figure out a way to sense when one of both of an HA pair of firewalls fails.  This was the only variable that I could find that would give us the current state.

           Dave

Dave,

I think I have a solution for you. I did this in my lab using the sysContact attribute and it worked. There should be no reason it does not work for hastate.

First, I needed to create a reference attribute. I used the Model Type Editor (MTE) to create a database text attribute on the Root model type called "Reference" with a default value I know the sysContact value on my model would never be.

I then created  the following watch on my test model type (Rtr_Cisco) with the following parameters:

Notice in the above watch, the Evaluate is set to "By Change" (Evaluate On Change - EoC) and the Threshold violated is my "Reference" attribute. Also, the watch is set to be User Clearable and to reset upon user clearing the alarm.

In order for an EoC watch to work, Spectrum has to actually read the value of the attribute to see if the value has changed from the previous time that attribute was read. This can be done by manually reading the attribute using the Attribute Browser or by putting the attribute in a OneClick subview so the value is read when the subview is viewed by a user. However, I am assuming you would want Spectrum to read it periodically by itself with no user action required.

I accomplished this by creating another watch that reads the value of sysContact every 60 seconds. The following are the watch parameters:

After doing the above, when the value fo sysContact changed for my model, I received the standard "Threshold Violated" event 0x480004. I did specify to user a custom Probable Cause with the Alarm Title "HASTATE HAS CHANGED"

When the alarm is cleared, since reset upon user clearing the alarm is set, the next time it changes, the alarm will be reasserted.

Hope this helps.

Joe

We use the following watch to monitor checkpoint HA state

Here is my documentation on why and how this works. We have a large firewall environment and its been 100% accurate.