DX NetOps

  • 1.  Query on Check point devices

    Posted Jan 30, 2018 09:32 AM

    Hi there,

     

    We are looking at Check Point traps and can see this for saved configuration as attached (checkpoint). However, when we look at the MIB we see this confirmed as such (second attachment).

     

    Therefore, when we save the configuration of a Check Point it comes through on a slightly different MIB (3000.10.1.2) which is not defined (as per the third screenshot); check here where the 3000 tree is just a trap OID and nothing else.

     

    This is the MIB for the Check Point R80.10 release.

     

    Anyone else seen this?

     

    cheers,

    Ian



  • 2.  Re: Query on Check point devices

    Posted Jan 30, 2018 09:41 AM

    Hi,

     

    I don't understand the question. The first two attachments are showing actual traps, while the third one is showing an OID of a variable of a trap. If the question is about the '6' vs '0', this is a convention between SNMPv1 and v2 to be able to distinguish traps.

     

    Willing to help if you provide a few more details.

     

    Christophe



  • 3.  Re: Query on Check point devices

    Posted Jan 31, 2018 02:39 AM

    Thanks Christophe for the reply; reading through, I can see it is a little confused, to say the least!

     

     

    OK, hope this clarifies it.

     

    In this example from a test Check Point we sent a trap using the MIB as defined in what Spectrum sees (10.1.6.2) and then loaded up the MIB in a trap receiver tool. As you can see, the one sent 10.1.6.2 does not resolve to the trap, as the system sees the trap as 10.1.2, which is then resolved with the correct trap description (top right).

     

    I hope that clarifies it?

     

    Cheers,

    Ian



  • 4.  Re: Query on Check point devices
    Best Answer

    Posted Jan 31, 2018 12:23 PM

    OK, so that is what I understood! The '6' inserted before the last number is a common standard to convert specific traps from SNMP v1 to v2c. Anyway, what matters is what Spectrum receives. Your receiver shows that you get a trap [...].10.1.6.2 so you have to adapt the AlertMap file accordingly to reflect that 10.1.6.2. So that should be pretty easy work: go into the <$SPECROOT>/custom/Events directory, find the AlertMap file, open it, search for the 10.1.2 trap and modify the OID to 10.1.6.2. Reload the Events files and you should be good to go.

     

    Is that what you need?
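
Added example (not part of the thread, and not Spectrum or Check Point code): the trap identity translation rules of RFC 3584, showing how a notification OID ending in 10.1.2 and a receiver key ending in 10.1.6.2 can name the same trap. It assumes the receiver's dotted form is enterprise.generic-trap.specific-trap; the enterprise prefix 1.3.6.1.4.1.99999 used in the comments is a constructed placeholder, since the thread elides the real one.

```python
# RFC 3584 trap identity translation (sections 3.1 and 3.2).
SNMP_TRAPS = (1, 3, 6, 1, 6, 3, 1, 1, 5)  # snmpTraps subtree: coldStart(.1) .. egpNeighborLoss(.6)
ENTERPRISE_SPECIFIC = 6                    # SNMPv1 generic-trap value for vendor traps


def parse(oid):
    """Dotted string -> tuple of sub-identifiers."""
    return tuple(int(part) for part in oid.strip(".").split("."))


def fmt(subids):
    return ".".join(str(s) for s in subids)


def v2_to_v1(trap_oid):
    """snmpTrapOID.0 value -> (enterprise, generic-trap, specific-trap)."""
    oid = parse(trap_oid)
    if len(oid) < 3:
        raise ValueError("trap OID too short: %r" % trap_oid)
    if oid[:-1] == SNMP_TRAPS and 1 <= oid[-1] <= 6:
        # Standard trap: generic is last sub-id minus one, specific is 0.
        # (Enterprise defaults to snmpTraps when no snmpTrapEnterprise varbind is sent.)
        return fmt(SNMP_TRAPS), oid[-1] - 1, 0
    # Vendor trap: drop "0.<n>" if the next-to-last sub-id is 0, else drop "<n>".
    enterprise = oid[:-2] if oid[-2] == 0 else oid[:-1]
    return fmt(enterprise), ENTERPRISE_SPECIFIC, oid[-1]


def v1_to_v2(enterprise, generic, specific):
    """SNMPv1 trap header fields -> snmpTrapOID.0 value."""
    if generic != ENTERPRISE_SPECIFIC:
        if not 0 <= generic <= 5:
            raise ValueError("invalid generic-trap: %r" % generic)
        return fmt(SNMP_TRAPS + (generic + 1,))
    return fmt(parse(enterprise) + (0, specific))


def v1_style_key(trap_oid):
    """Assumed receiver notation: enterprise.generic.specific as one dotted string."""
    enterprise, generic, specific = v2_to_v1(trap_oid)
    return "%s.%d.%d" % (enterprise, generic, specific)


# Constructed sample: v1_style_key("1.3.6.1.4.1.99999.3000.10.1.2") and
# v1_style_key("1.3.6.1.4.1.99999.3000.10.1.0.2") both give "...3000.10.1.6.2".
```

When matching a MIB definition against a receiver's event map, normalise both sides to the same form before comparing, otherwise a defined trap looks undefined.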



  • 5.  Re: Query on Check point devices

    Posted Feb 01, 2018 03:43 AM

    Thanks Christophe, I understand now and I will do as you advise and let you know.