DX NetOps

I'm working on a project right now that will include a fresh rollout of Spectrum, CAPC, DA, NFA and ADA.  I'll be using Spectrum for device discovery via unsolicited traps and DA will build its discovery profile/inventory based on what Spectrum finds.  DA will be used for monitoring all device up/downs, interface states, threshold exceptions, etc. and sending traps over to Spectrum for alerts.  Right now I'm working on documenting what the SNMP trap configurations should be for the devices (routers, firewalls, ADCs, switches, servers, etc.).  My question is, what do your device configs look like?  What traps have you found to be the most useful?  I definitely want to have things like system boot, environment temperatures, routing adjacency changes, mpls session changes, interface transitions, etc. included but am curious as to what others are running.  Are there things you wish you were getting but aren't?  Are there traps that Spectrum is receiving that you're just suppressing and not using?  Any and all insights are welcomed.  Thanks.

I am pretty much in the same boat as you are.  We have a IM 2.0 setup right now that I have never rally liked as I liken it to rushing to set up CAPC, Spectrum, and the rest and see what happens.  Oh we have some nice dashboards but we also also have a lot of gaping holes.  I finally have Spectrum, with the exception of NCM and a few other components of stable.  I am now just going to setup a brand new CAPC 2.4 environment and start over but this time slowly.  Our enterprise consist of over a 100 remote sites and two data centers.

I would suggest starting out with Spectrum first and get the your devices discovered and modeled and into collections that make sense not only to you but are also aligned to how your business is.  You can have collections for locations, devices, etc. Then get the alarm notices down in Spectrum. Next move on to watches. Know what information you want Spectrum to give you and go slowly and just take it one device or network at a time. After I have Spectrum right, I will then move over to CAPC and with the DA repeat the process all over again and discover one subnet/location at a time.  I'll basically do one site a day and not move on to the next site until I have that site perfect with Spectrum, NFA, CAPC, and ADA. 

The key that I learned the HARD WAY is to start small and build up slowly taking each component slowly.  Once you start getting a couple of sites down the others will start falling into place as you have a firm foundation.

Feel free to contact me with any questions

Hello Jbovee,

Here are the traps which were enabled by most of the customer in my experience. It all depends on your requirement and environment.

1) Syslog

2) Environmental

3) BGP/OSPF

4) Reboot traps

As usual we need to configure snmp strings/port/trap destination on the device and the same should be provided under auto discovery option of vnm model in Oneclick.

Few more traps based on your requirement:

aaa-server — Send AAA notifications.

bgp—Sends Border Gateway Protocol (BGP) state change notifications.

bstun—Sends Block Serial Tunneling (BSTUN) notifications.

calltracker—Sends CallTracker notifications.

config—Sends configuration notifications.

dlsw—Sends data-link switching (DLSw) notifications.

ds0-busyout—Sends ds0-busyout notifications.

ds1-loopback—Sends ds1-loopback notifications.

dspu—Sends downstream physical unit (DSPU) notifications.

dsp—Sends digital signal processing (DSP) notifications.

entity—Sends Entity Management Information Base (MIB) modification notifications.

envmon—Sends Cisco enterprise-specific environmental monitor notifications when an environmental threshold is exceeded.

frame-relay—Sends Frame Relay notifications.

hsrp—Sends Hot Standby Router Protocol (HSRP) notifications.

isdn—Sends Integrated Services Digital Network (ISDN) notifications.

msdp—Sends Multicast Source Discovery Protocol (MSDP) notifications.

llc2—Sends Logical Link Control, type 2 (LLC2) notifications.

repeater—Sends standard repeater (hub) notifications.

rsrb—Sends remote source-route bridging (RSRB) notifications.

rsvp—Sends Resource Reservation Protocol (RSVP) notifications.

rtr—Sends SA Agent (RTR) notifications.

sdlc—Sends Synchronous Data Link Control (SDLC) notifications.

snmp—Sends Simple Network Management Protocol (SNMP) notifications (as defined in RFC 1157).

stun—Sends serial tunnel (STUN) notifications.

syslog—Sends error message notifications (Cisco Syslog MIB). Specify the level of messages to be sent with the logging history level command.

tty—Sends Cisco enterprise-specific notifications when a Transmission Control Protocol (TCP) connection closes.

voice—Sends voice notifications.

x25—Sends X.25 event notifications.

xgcp—Sends External Media Gateway Control Protocol

HTH

Kalyan