Service Operations Insight

Expand all | Collapse all

Developing new policy snmp CA SOI

Jump to Best Answer
  • 1.  Developing new policy snmp CA SOI

    Posted 05-22-2018 02:44 PM

    I'm developing a new SNMP policy, the alert I get and it appears on the SOI console, however the class shows unknown.

    I have not found a debug log for the CA catalyst to see the item and the alarm.

    Attached is the snmp policy I developed and the SOI console image.

    Anyone have any ideas where I'm going wrong?

    Attachment(s)



  • 2.  Re: Developing new policy snmp CA SOI

    Posted 05-23-2018 05:45 AM

    Can't see how the alert is being written as no Write statement

     

    <Write>
      <Field type="file" name="outfile" properties="*" />
      <Field type="publishcache" properties="*" />
     </Write> 

     

    But assume that is being done by proxy somewhere ????

     

    The alert is not being asserted against the Application CI if that is your intention, has the alert sufficient correlate-able   properties to tie the two together  ??? Is the alert AlertedMdrElementID matching the CI  MdrElementID

     

    Not sure this will help, but I would normally create the item first and do I write at the end of each Eventclass



  • 3.  Re: Developing new policy snmp CA SOI

    Posted 05-23-2018 10:23 AM

    Hello John,

     

    I changed the write statement as suggested, and some way to declare the item. But it did not.
    follows the policy. The IC to be continued unknown.

     

    Do you have any other ideas?

     

    Follows in the attached the policy after the change:

     

    This is the alert received on the EventStore:

     

    <event container='TestInject-1377532.in'>
        <raw>
          <snmp_agent>10.200.43.101</snmp_agent>
          <snmp_peeraddress>10.200.43.101/64124</snmp_peeraddress>
          <snmp_community>public</snmp_community>
          <snmp_varbindvals>METRIC_ALM_10042,2,Servidor 10.200.173.24 apresentou disponibilidade de 99.988% (Abaixo de 100%)
    Detalhes:
    Aplicacao: NOVO RDO
    Camada: Layer-7
    Servidor: 10.200.173.24
    Disponibilidade: 99.988%
    Qtd. de Falhas: 2,Layer-7,NOVO RDO,*,*,*,10.200.173.24,*,*,*,*,*,*,*,*,*,*,99,%,100,2,-,SINGLE</snmp_varbindvals>
          <snmp_varbindoids>1.3.6.1.4.1.3279.1.1.8.1.9999999.1,1.3.6.1.4.1.3279.1.1.8.1.9999999.2,1.3.6.1.4.1.3279.1.1.8.1.9999999.3,1.3.6.1.4.1.3279.1.1.8.1.35.1,1.3.6.1.4.1.3279.1.1.8.1.35.2,1.3.6.1.4.1.3279.1.1.8.1.35.3,1.3.6.1.4.1.3279.1.1.8.1.35.4,1.3.6.1.4.1.3279.1.1.8.1.35.5,1.3.6.1.4.1.3279.1.1.8.1.35.6,1.3.6.1.4.1.3279.1.1.8.1.35.7,1.3.6.1.4.1.3279.1.1.8.1.35.8,1.3.6.1.4.1.3279.1.1.8.1.35.9,1.3.6.1.4.1.3279.1.1.8.1.35.10,1.3.6.1.4.1.3279.1.1.8.1.35.11,1.3.6.1.4.1.3279.1.1.8.1.35.12,1.3.6.1.4.1.3279.1.1.8.1.35.13,1.3.6.1.4.1.3279.1.1.8.1.35.14,1.3.6.1.4.1.3279.1.1.8.1.35.15,1.3.6.1.4.1.3279.1.1.8.1.35.16,1.3.6.1.4.1.3279.1.1.8.1.35.17,1.3.6.1.4.1.3279.1.1.8.1.35.18,1.3.6.1.4.1.3279.1.1.8.1.35.19,1.3.6.1.4.1.3279.1.1.8.1.35.20,1.3.6.1.4.1.3279.1.1.8.1.35.21,1.3.6.1.4.1.3279.1.1.8.1.35.22</snmp_varbindoids>
          <snmp_genericTrap>6</snmp_genericTrap>
          <snmp_ticks>154233</snmp_ticks>
          <snmp_requestID>0</snmp_requestID>
          <snmp_errorStatus>Success</snmp_errorStatus>
          <snmp_enterprise>1.3.6.1.4.1.3279.1.1.8.2</snmp_enterprise>
          <snmp_specificTrap>35</snmp_specificTrap>
          <snmp_errorIndex>0</snmp_errorIndex>
          <entitytype>Alert</entitytype>
          <eventtype>Alert_CI_App</eventtype>
          <ConnectorConfigMdrProduct>CA:00036</ConnectorConfigMdrProduct>
          <ConnectorConfigMdrProdInstance>camutanga.prodesp-dc02.sp.gov.br</ConnectorConfigMdrProdInstance>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.9999999.1>METRIC_ALM_10042</varbind-1.3.6.1.4.1.3279.1.1.8.1.9999999.1>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.9999999.2>2</varbind-1.3.6.1.4.1.3279.1.1.8.1.9999999.2>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.9999999.3>Servidor 10.200.173.24 apresentou disponibilidade de 99.988% (Abaixo de 100%)
    Detalhes:
    Aplicacao: NOVO RDO
    Camada: Layer-7
    Servidor: 10.200.173.24
    Disponibilidade: 99.988%
    Qtd. de Falhas: 2</varbind-1.3.6.1.4.1.3279.1.1.8.1.9999999.3>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.1>Layer-7</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.1>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.2>NOVO RDO</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.2>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.3>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.3>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.4>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.4>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.5>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.5>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.6>10.200.173.24</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.6>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.7>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.7>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.8>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.8>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.9>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.9>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.10>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.10>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.11>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.11>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.12>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.12>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.13>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.13>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.14>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.14>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.15>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.15>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.16>*</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.16>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.17>99</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.17>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.18>%</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.18>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.19>100</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.19>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.20>2</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.20>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.21>-</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.21>
          <varbind-1.3.6.1.4.1.3279.1.1.8.1.35.22>SINGLE</varbind-1.3.6.1.4.1.3279.1.1.8.1.35.22>
          <OccurrenceTimestamp>2018-05-23T10:53:33-03:00</OccurrenceTimestamp>
          <ReportTimestamp>2018-05-23T10:53:33-03:00</ReportTimestamp>
          <AlertType>Risk</AlertType>
          <AlertedMdrProduct>CA:00036</AlertedMdrProduct>
          <MdrProduct>CA:00036</MdrProduct>
          <ClassName>Alert</ClassName>
          <MdrProdInstance>camutanga.prodesp-dc02.sp.gov.br</MdrProdInstance>
          <AlertedMdrProdInstance>10.200.43.101</AlertedMdrProdInstance>
          <MdrElementID>AlertDcrum-10.200.43.101:CA:00036:10.200.173.24</MdrElementID>
          <AlertedMdrElementID>10.200.43.101:CA:00036:10.200.173.24</AlertedMdrElementID>
          <Summary>DCRUM DEVICE APPLICATION DOWN ALARM</Summary>
          <CreationTimestamp>2018-05-23T10:53:33-03:00</CreationTimestamp>
          <Message>DCRUM DEVICE APPLICATION DOWN ALARM
    Event Alarm = METRIC_ALM_10042
    Event Severity = 2
    Event Description = Servidor 10.200.173.24 apresentou disponibilidade de 99.988% (Abaixo de 100%)
    Detalhes:
    Aplicacao: NOVO RDO
    Camada: Layer-7
    Servidor: 10.200.173.24
    Disponibilidade: 99.988%
    Qtd. de Falhas: 2
    Event Layer = Layer-7
    Event Application = NOVO RDO
    Event Server IP address = 10.200.173.24
    Event Metric value = 99
    Event Unit of measure = %
    Event Threshold = 100
    Event Auxiliary metric value = 2
    Event Auxiliary unit of measure = -
    Event Alert triggering mode = SINGLE</Message>
        </raw>
      </event>

    Attachment(s)



  • 4.  Re: Developing new policy snmp CA SOI

    Posted 05-23-2018 12:18 PM

    Do you have a projection for your CI from this Connector for Application class - this example is ResourceServer

     



  • 5.  Re: Developing new policy snmp CA SOI

    Posted 05-23-2018 01:17 PM

    Hello John,

     

    I did not do this projection. I just got a ready template that works here and replicated it to this new application.

    I made one from: to: and there are fields that are empty.

    I will redo the Item format and add other fields that I will not declare in this policy then report the result.



  • 6.  Re: Developing new policy snmp CA SOI

    Posted 05-25-2018 01:42 PM
      |   view attached

    Hello John,


    DCRUMis software that monitoring applications. And it is sending trap (availability and performance) to the SMNP connector. I already mapped it.

     

    I've reviewed the entire policy, check all the attributes and values I want it to generate, but the Alert is generated and it appears on the SOI console, but it does not generate the IC properly it continues as unknown.
    I have no idea what it might be. Follow attached the alert.



  • 7.  Re: Developing new policy snmp CA SOI
    Best Answer

    Posted 05-28-2018 11:57 AM

    Hi Elen,

     

    there is one generic problem in your policy:

    the different EventClasses for the Item are not in a sequence, e.g. the system does not know how to order them.

    This is how it should be:

    "Item"   - this is the main class

    "Application" extends "Item"   - this is not required, because you keep it empty, and you better define the things yourself, then you know what happens

    "Dorum_CI" extends "Item"   - you are missing the extends, e.g. the system will not take over anything from parent classes

    "Disponibilidade_CI" extends "Dorum_CI"   - your Classify in the Dorum_CI mentions this subclass. e.g. it must be an extension of Dorum_CI and not Application

     

    For the Alert:

    You specify a class Alert_Discarded, but don't have that class defined.

    This only generates confusion for the system and you even might find errors in the debug log.

    What do you try to achieve with that?  I assume, you want to drop these Alerts.

    But that does not happen, because you define all attributes in the Alert_CI class.

    The only thing that would happen in the subclass Alert_Discarded is, to add or modify attributes, like you do in the Alert_CI_App class.

     

    For better understanding:

    Classify is not branching off, but tells the system to read an additional class.

     

     

    Please adopt the policy accordingly, and if there are still problems, let me know.

    We can go step by step to get the policy to work.

     

    MichaelBoehm



  • 8.  Re: Developing new policy snmp CA SOI

    Posted 05-28-2018 12:02 PM

    And one more thing:

    The Application class has a mandatory attribute: ProductName.

    But you are not defining that, e.g. the CI will never be created.



  • 9.  Re: Developing new policy snmp CA SOI

    Posted 05-29-2018 10:51 AM
      |   view attached

    Hello MIchael,

     

    Thank you very much for the help! I made every order as he described, I adjusted the attributes as well. And the ICs were created successfully !!

    Look the file in attached.

     

    Elen



  • 10.  Re: Developing new policy snmp CA SOI

    Posted 05-29-2018 05:44 AM

    To to add what Michael has said ... if you refer to D:\CA\SOI\tomcat\registry\topology\logical\tenant0\usmschema\usm-infradefaults.xml (on manager) or D:\CA\Catalyst\CatalystConnector\registry\topology\logical\tenant0\usmschema\usm-infradefaults.xml (on connector) for the Application Class, it indicates what mandatory fields it needs to use or choose from for the Instances Name and Label, as Michael says it needs the ProductName. You can see in this file the difference between Application Class and the ComputerSystem class, ComputerSystem is not so demanding, does not require the Instance Name    



  • 11.  Re: Developing new policy snmp CA SOI

    Posted 05-29-2018 10:42 AM

    Hello John!!

     

    Helped me a lot this xml! I understood the structure of the attributes, and updated in policy!
    Worked perfectly.
    thank you