Basic Nectus Monitoring

Device View Auto Population Rules

, ,

Device View Auto Population Rules

Device View is the logical grouping of the devices that can be used in different places within the Nectus application. In the previous versions of Nectus, the user would manually add devices into device views which may become a significant management overhead.

In Nectus version 1.55 we introduced an ability to automatically populate device views based on specific conditions such as device names, types, etc.

User can define a set of conditions which has to be true for Nectus to automatically add devices to device views.

This article will guide you through the process of defining the auto population rules for device views.

To access your SNMP Device Views go to Inventory Views SNMP Device View

 

 

To add a new Device View, click Create in the upper right hand corner of the SNMP Devices Views page.

 

Give a name to your new Device View.

 

.

Press Save button to finish creation of Device view.

 

Open again newly created device view and in the upper right-hand corner, select Edit Rules.

This will open the Devices View Auto Population Rules page.

 

Select the plus sign to add a new Auto Population Rule.

 

Add all the required Auto-population rules and press Ok button to Save.

If multiple rules are defined all the rules must be TRUE for device to be automatically added. (Logical AND).

Your rules will be processed daily at 3:00 PM.

If you would like to apply your rules immediately, press the Apply Rules button.

 

Monitoring BGP Sessions with Nectus

,

Monitoring BGP Sessions with Nectus

Nectus 1.2.53 introduces ability to automatically discover and monitor iBGP and eBGP sessions across all router types and manufacturers.

Nectus scheduled network discovery automatically finds all the BGP sessions via SNMP polls and adds it to Nectus database where user can group them by type and enable active monitoring and alerting.

BGP Session Discovery

As part of regular scheduled network discovery Nectus detects all existing BGP Sessions and adds it to one of the existing BGP group which has “Default” flag set to ON.

You can see all the BGP sessions that were discovered in Inventory -> BGP Sessions or in left side panel called “BGP Sessions

 

If you right-click on BGP Session and select “Properties

 

.. you can assign a human friendly name or change a group membership for any of the BGP sessions.

 

You can create multiple BGP session groups and assign discovered BGP sessions to different groups according to its type or functional purpose.

To create a new Group, right-click on “BGP Sessions” line and select “Add New Group” on context menu.

 

Configure New Group name, set “Enable monitoring” to ON if you want all BGP Sessions in this group to be monitored for UP/DOWN Status.

 

If you set “Default” value to ON, this group will become a group where all newly discovered BGP sessions be added automatically. Only one group can have “Default” value set to ON

You can also assign BGP Session to a Group by right-clicking on BGP session and selecting “Move BGP Session to..” option

 

 

By clicking “View Session Info” on BGP Session context menu you can view detailed information about BGP Session

 

 

After you finished creating BGP session groups, assigning BGP sessions to corresponding groups and enabling BGP session groups for Monitoring the final step is to enable BGP Sessions monitoring in corresponding SNMP Device Monitoring Profiles that are applied to the routers that terminate all the BGP sessions.

Find required SNMP Monitoring Profile and enable “BGP Session Status” Monitoring Option

Now are you all set to start monitoring your BGP sessions line a pro.

 

UPS Health Status Monitoring with Nectus

,

UPS Status Monitoring with Nectus

Health monitoring of UPS units is one of the most critical tasks of network infrastructure monitoring.

If UPS fails during power outage it results in immediate network downtime resulting in loss of revenue and degrading user experience.

Most of the modern UPS Units perform daily self-tests and results of those self-tests are available via SNMP protocol.

Our goal is to collect those self-test results on regular basis and generate an alert or incident when self-test indicates a UPS failure.

Step 1. Determine which SNMP OID to use

Very first step before you can start monitoring UPS health status is to determine which SNMP OID contains self-test information for your UPS units.

You can open a support case with your UPS vendor and request SNNP OID string for self-test information.

For example, SNMP OID for self-test information from UPS manufactured by APC is .1.3.6.1.4.1.318.1.1.1.7.2.3.0

This OID returns following values:

1 = Ok

2 = Failed

3 = Invalid Test

4 = Test In Progress

 

Step 2. Create Device View that contain all UPS units

Next step is to create a Device View that contain all UPS units that we want to monitor.

To create a Device View go to Inventory -> Views -> SNMP Device Views.

 

Create a new Device Vice called “UPS Units”

 

 

Step 3. Create Custom SNMP Tracker for UPS Self-Test Info

Now we are ready to create a custom SNMP tracker that will be polling our UPS units every 5 min for self-test information.

In Nectus GUI go to Monitoring → SNMP Monitoring Settings → Custom SNMP Trackers

 

Press “Create” button to bring up Custom SNMP Tracker creation interface.

Complete tracker General information tab with correct SNMP OID and select Device View that contains all UPS units that we want to monitor.

 

Select Email and SMS list for Alert Recipients.

In “Alerts” Tab we need to specify which status values will be considered Normal and which values should trigger Alerts.

You can specify multiple values separated by comma.

 

Define an Alert Severity level for Alarm Values as Informational, Warning or Critical.

Define number of consecutive readings for which UPS self-test status must report an Alarm condition before formal Alert is created.

Nectus performs one SNMP poll per 5 min.

If you define value for consecutive readings as 3 it should result in Alert created after 15 minutes of True Alarm conditions.

Press “Save” to complete Custom SNMP tracker creation for UPS Status Monitoring

This completes creation of custom tracker that will be monitoring UPS self-test information on all APC UPS units in your network.

 

Suppression of Frequent Identical Alerts In Nectus

,

Suppression of Frequent Identical Alerts In Nectus

Often when a network device or interface changes its state between Up and Down multiple times in a short time interval, numerous identical alerts will be sent to all the configured alert recipients.

Nectus offers the ability to suppress frequent identical alerts to reduce informational noise level by specifying a suppression timer for up to three hours.

Nectus calculates a CRC hash value from each of the email alert bodies and if hash values of two alerts are matching they are considered to be identical and can be suppressed.

Nectus excludes event timer values and specific metric values from hash calculation logic. You can configure the suppression timer from 0 to 180 minutes where 0 means no suppression.

To configure the suppression timer, go to    Monitoring -> Global Monitoring Settings

 

 

Under Monitoring Settings, select the Alerts tab.

To enable suppression specify a time interval from 1 to 180 minutes.

At the end of the time interval, alert logic will resume as normal.

Setting timer to 0 will disable the suppression.

 

 

Adjusting min. detectable ICMP outage duration in Nectus

,

Adjusting Min. detectable ICMP outage duration in Nectus

When Nectus is configured to monitor UP/DOWN Status for network devices with ICMP it sends Echo packets at preset interval called Inter-Packet Delay.

By default, this Interval is set to 10 seconds.

Network Device is considered down if Echo-Reply is not received for “N” consecutive Echo packets.

By default “N” is set to 10.

So, by combining Inter-Packet Delay and “N” Value we can see that minimum duration of the outage that can be detected by Nectus with default settings is 100 seconds.

Sometimes when network a prone to fast transient outages or burstable traffic patterns that can impact ICMP it may be beneficial to increase minimum detectable ICMP outage duration to higher value. This can helps to eliminate alerts about short lived outages and only alert on outages that have more lasting impact.

To adjust Inter-Packet Delay or “N” Value go to “Monitoring -> Global Monitoring Settings

 

And adjust values on “ICMP Monitoring” Tab according to your business needs.

 

Multiple Alert Email Aggregation in Nectus

,

Multiple Alert Email Aggregation in Nectus

Very often during site level power or network outages or during network maintenance multiple devices become offline at the same time causing multiple individual DOWN Email alerts to be sent at the same time.

Depending in the size of the site it can be well over hundreds or even thousands alert emails to be sent out to corresponding e-mail recipients configured for given site.

Starting from version 1.2.52 Nectus offers an option to aggregate multiple DOWN or UP email alerts into a single multi-device alert notification containing a list of all devices that became DOWN or UP within last monitoring interval.

To enable Alert Aggregation, go to Monitoring -> Global Monitoring Settings: “Alert” Tab

And Select “Aggregate multiple UP/DOWN Alerts” Option.

 

Monitoring Cisco Power Supplies with SNMP

,

Monitoring Cisco Power Supplies with SNMP

Cisco Power Supply

Cisco Power Supply

Step 1. Determine which SNMP OID to use

Very first step before you can start monitoring power supply status is to determine which SNMP OID is supported by specific router or switch type you want to monitor.

The main challenge here is that there is no consensus among manufacturers on specific SNMP OID and even within Cisco products OID can be different on different product lines.

Let’s take Cisco Catalyst 3750 series switches as an example.

For all Cisco 3700 series switches SNMP OID that contain power supply status is .1.3.6.1.4.1.9.9.13.1.5.1.3 (ciscoEnvMonSupplyState) from CISCO-ENVMON-MIB

Cisco TAC is usually a good resource to confirm which OID can be used for different Cisco product lines.

 

Step 2. Obtain Power Supply Index Values

Next step is to perform SNMP GET BULK or SNMP Walk query for selected OID (.1.3.6.1.4.1.9.9.13.1.5.1.3) against one of the switches that you planning to monitor to determine how many power supplies this specific switch model has and what are the index values for each power supply.

Sample GET Bulk Response from Cisco Catalyst 3750:

‘1.3.6.1.4.1.9.9.13.1.5.1.3.[1034]’ => “1”

‘1.3.6.1.4.1.9.9.13.1.5.1.3.[2034]’ => “1”

In this SNMP GET-BULK response we see that switch has two power supplies with indexes: 1034 and 2034.

 

Step 3. Obtain list of Status Values for SNMP OID

Last step before we can start monitoring power supply is to consult MIB for possible values that this specific OID can report for power supply status.

For SNMP OID 1.3.6.1.4.1.9.9.13.1.5.1.3 there are 6 possible status codes:

Normal (1), Warning (2), Critical (3), Shutdown (4), Not Present (5), Not Functioning (6)

 

Step 4. Create Custom SNMP Tracker for Each Power Supply

Now we are ready to create custom SNMP trackers for each of the power supplies.

In Nectus GUI go to Monitoring → SNMP Monitoring Settings → Custom SNMP Trackers

Press “Create” button to bring up Custom SNMP Tracer creation interface.

We will have to create two separate trackers, one for each power supply.

Complete tracker “General” settings Tab according to this

Note that for this tracker we created a device view called “Cisco Catalyst 3700 Switches” that contain all Cisco Catalyst 3700 Series switches that we want to monitor with this tracker.

If you want to enable Power supply monitoring for more switches later, you just need to add new switches to this Device View.

Select which email lists will be used as email Alert recipients.

In “Alerts” Tab we need to specify which status values will be considered Normal and which values should trigger Alerts. You can specify multiple values separated by comma.

Define an Alert Severity level for Alarm Values as Informational, Warning or Critical.

Define number of consecutive readings for which power supply status has to report an Alarm condition before formal Alert is created. Nectus performs one SNMP poll per 5 min.

So if you define value for consecutive readings as 3 it should result in Alert created after 15 minutes of True Alarm conditions.

Press “Save” to complete Custom SNMP tracker creation for Power Supply 1.

Repeat the same process for Power Supply 2.

Now you have created custom trackers that will be monitoring both power supplies on all Cisco Catalyst 3700 Switches in your network.

 

Suppressing excessive E-mail alerts during site level network outages

,

When whole site power outage or network maintenance is in progress it is default behavior for Nectus to send individual DOWN alerts for each device in that site possibly resulting in hundreds of DOWN e-mail alerts followed by the same amount of UP e-mail alerts sent out to all configured alert recipients.

In version 1.2.53 Nectus introduced a feature that allows user to reduce number of alert e-mails during site level network outages to only specifically designated devices called “Gateways”

For each site user can designate some of the devices as “Gateways” and following alert rules will be applied:

  1. If all the Gateways in given site are DOWN, Nectus will not send DOWN alerts for regular devices located in the same site.
  2. If at least one Gateway in given site is still UP then Nectus will send individual DOWN alerts for all of the devices detected as DOWN.
  3. If all the Gateways in given site recovered from DOWN to UP, Nectus will not send UP alerts for regular devices located in the same site.
  4. If at least one Gateway in given site is still DOWN then Nectus will send individual UP alerts for all of the devices detected as UP.

To configure Site Gateways right click on Site and select Properties

Press “Site Gateways” Button

Select devices that you want to be gateways for given site and press Save button

 

Using Custom SNMP Trackers in Nectus

,

Using Custom SNMP Trackers in Nectus

Nectus offers extensive SNMP based network monitoring capabilities that allow users to track any metrics accessible via SNMP.

In addition to standard metrics, such as CPU, RAM or TCAM utilization, Nectus offers a new feature called “Custom SNMP Tracker” that allows you to monitor virtually any metrics accessible via SNMP.

This article will guide you through the basic steps required for setting up custom SNMP trackers in Nectus.

In the Main Menu, go to Monitoring → SNMP Monitoring Settings → Custom SNMP Trackers.

This opens a “Custom SNMP Trackers” window. To create a new custom SNMP Tracker, click the Add Tracker button.

In the “Add New Custom SNMP Tracker” interface box that appears, specify the following parameters:

  1. Tracker name (Example: “Power Supply Temperature Sensor”)
  2. SNMP OID to be used with “SNMP GET” request for Data
  3. Unit Name (Example: C for Temperature)
  4. Data Type (Integer or Floating)
  5. The Device View that contains list of devices to be used for collecting data from
  6. Select “Log to DB” if you would like to save metrics values to a database every 5 minutes
  7. Select “Email Alerts” if you would like to be alerted when metrics exceeds pre-defined thresholds
  8. Min and Max Threshold Values
  9. Select the number of “Consecutive Readings” exceeding threshold that would trigger an alert
  10. Select one of the existing email lists/groups to receive the alerts (Example: “Network Admins”).
  11. Click Edit Alert Templates to fully customize the alert email for the metric

Customize the E-mail template for Alert and for Recovery event when Metric value returns to normal range.

You have now created your first custom SNMP tracker. To create additional trackers, use “Clone” feature to create and edit a copy of an existing tracker available from the “Custom SNMP Trackers” page.

 

Monitoring Cisco IPSec VPN Tunnels with Nectus

,

Monitoring Cisco IPSec VPN Tunnels with Nectus

One of the key features introduced in Nectus 1.2.51 is ability to automatically discover and monitor Cisco IPSec VPN Tunnels terminated on ASA Firewalls and regular IOS routers.

  1. Tunnel Discovery

As part of regular scheduled network discovery Nectus attempts to detect existing VPN tunnels on all routers and firewalls by polling standard SNMP MIB: CISCO-IPSEC-FLOW-MONITOR-MIB

reserved for VPN Tunnels.

All discovered VPN tunnels can be seen in Main menu: Inventory → VPN Tunnels

 

 

All discovered tunnels displayed as a table with Terminating Device, Group, Local and Remote IP Address visible in individual columns.

You can assign a human friendly name to each tunnel by pressing Tunnel Edit button on the right.

 

  1. Creating Groups and Assigning Tunnels to Groups

Each Tunnel must be assigned to an individual group with newly discovered Tunnels being automatically assigned to a group with “Default” parameter set to On.

User can create multiple different groups and group tunnels in any way that is appropriate.

User can change Tunnel-to-Group assignment by using context menu or by using “Edit VPN Tunnel” button.

 

  1. Enabling Tunnel Monitoring

Once all Tunnels are discovered and added to a correct group you can enable monitoring on group level by setting “Enable Monitoring” check-button to “ON”

 

After “Enable Monitoring” flag is set to ON, Nectus starts checking Tunnel’s status every 5 min and creating records in Alert log along with sending Alert emails in case if Tunnel is down.

 

Real Time status for all tunnels can be seen in left side panel “VPN Tunnel”

By using right-click on Tunnel’s name you can access rich context menu where you can move tunnels to a different group, delete Tunnel, change Tunnel’s name or

View Tunnel’s Phase 1 and Phase 2 Information.

 

 

“View Tunnel Info” provides low level Phase 1

 

And Phase 2 Information along with encryption domain parameters and traffic counters

 

 

SNMP Device Status Color Codes

,

SNMP Device Status Color Codes

Nectus uses different colors to encode SNMP Device Status in Dashboards, Trees and Status Panels. There are three main color codes: Green, Red and Orange.

Green Color represent SNMP Device status when it is reachable by ICMP Probe and don’t have any critical interfaces Down.

Red Color represent SNMP Device status when it is not responding to ICMP Probe.

Orange Color represent SNMP Device that is reachable via ICMP but has at least one critical Interface down.

You can designate any Interface as critical by following these steps:

  1. Create Interface View that will contain all the Critical Interfaces
  2. Select this Interface View in Global Monitoring Settings

Critical Interfaces are marked by special “Star” icon in Interface List View

You can quickly add/remove Interface to Critical List by using Interface Context menu Option

 

List of system variables that can be used in Alert emails for SNMP Devices and Interfaces

,

List of system variables that can be used in Alert emails for SNMP Devices and Interfaces  (Version 2.48,  January 2019).

More system variables will be added in next releases.

 

Device Hostname:                %dev_hostname%
Device IPv4 Address:          %dev_ipv4_address%
Device IPv6 Address:          %dev_ipv6_address%
Device CPU Utilization:      %dev_cpu_utilization%
Device RAM Utilization:     %dev_ram_utilization%

Interface Name:                     %interface_name%
Interface Description:          %interface_description%
Interface Rx Utilization:      %interface_rx_utilization%
Interface Tx Utilization:       %interface_tx_utilization%

Device Site:       %dev_site_name%
Alert Time:        %time%

Outage Duration:      %outage_duration%

Enabling Monitoring for SNMP Interfaces

,

Enabling Monitoring for SNMP Interfaces

In this chapter, you’ll learn how to enable monitoring and create monitoring groups for SNMP Interfaces.

The specific topics we will cover in this chapter are:

  1. Automatic Discovery and Grouping of SNMP Interfaces
  2. Creating and Activating Monitoring Groups
  3. Creating and Customizing Monitoring Profiles
  4. Customizing Alerts
  5. Placing Interfaces in Monitoring Groups

1. Automatic Discovery and Grouping of SNMP Interfaces

During the Discovery phase all network Interfaces are automatically added to the group called “No Monitoring Group.” This group has all monitoring functionality disabled and serves as a parking space for all unmonitored Interfaces.

To enable monitoring for a particular Interface you must move that interface from the “No Monitoring Group” to any group that has the monitoring checkbox set to “ON” and has a Monitoring Profile assigned.

2. Creating and Activating Monitoring Groups

To create and activate SNMP Interface Monitoring Groups go to the Nectus Home Screen and select Monitoring -> SNMP Monitoring Groups -> Interface Monitoring Groups.

This opens the “Interface Monitoring Groups” dialog box.

Nectus provides you with two predefined Monitoring Groups:

  • No Monitoring Group – Interfaces in this group are not being monitored.
  • Default Monitoring Group – Interfaces in this group are monitored by Nectus.

Click the Add Group button to open the “Add Monitoring Interface Group” dialog box and create an additional Monitoring Group.

To monitor a group, check its Enable Monitoring box in the “Interface Monitoring Groups” dialog box.

Next select the Monitoring Profile you want to use for the Group. See the next section for more information on Monitoring Profiles.

Then click the Edit Alert Recipients icon to open the “Alert Recipients” dialog box and select lists that specify who will receive alerts from this particular Monitoring Group and Profile.

3. Creating and Customizing Monitoring Profiles

Each Monitoring Group must have a Monitoring Profile that determines which parameters are monitored. You can customize each Profile, and create individual Profiles for each Monitoring Group.

To create a new Profile, go to the Nectus Home Screen and select Monitoring -> SNMP Monitoring Profiles -> Profiles – SNMP Interface Monitoring. This opens the “Interface Monitoring Profiles” dialog box. Click the Add Profile button to create a new Profile.

To edit a Profile click the Edit icon to the right of the Monitoring Profile for the Group. This opens the “Edit Device Monitoring Profile” dialog box.

Some of the parameters here allow you to set Threshold values or other customizations.

Set the Enabled checkbox next to each Parameter you want to monitor. Check any of the Log to DB, Email Alerts, SMS Alerts, or Traps Alerts boxes to send those types of alerts.

4. Customizing Alerts

To customize the alerts, click the Edit Alert Templates button to open the “Edit Alert Handler” dialog box.

If you select Email Alerts or SMS Alerts, Nectus will generate Alert messages when the Monitored Parameter exceeds threshold and Recovery messages when the Parameter returns to normal.

Selecting the tab for one of these messages allows you to customize the appearance of that message.

5. Placing Interfaces in Monitoring Groups

Once you have created the Monitoring Groups you want to use you need to place Interfaces in them. To do so, click the Monitoring Group Name to open the “Edit Monitoring Interface Group” dialog box.

Select the Group you want to add Interfaces to on the left, and the Group you want to take them from on the right. Use the arrows to move Interfaces between the two Interface Groups.

Note that if you move an Interface that is currently being monitoring into the No Monitoring Group, Nectus will immediately stop monitoring that Interface. This can be useful for situations where you know an Interface will be down for some time (extended maintenance, for example) and you don’t want the system to send alerts.

Enabling Monitoring for SNMP devices

Enabling Monitoring for SNMP Devices

In this chapter, you’ll learn how to enable monitoring and create monitoring groups for SNMP Devices.

The specific topics we will cover in this chapter are:

  1. Automatic Discovery and Grouping of SNMP Devices
  2. Creating and Activating Monitoring Groups
  3. Creating and Customizing Monitoring Profiles
  4. Customizing Alerts
  5. Placing Devices in Monitoring Groups

1. Automatic Discovery and Grouping of SNMP Devices

Nectus automatically discovers all live SNMP Devices. These devices are listed in the SNMP Devices Panel on the Home Screen. While Devices are detected automatically, they are not automatically monitored. New SNMP Devices are automatically added to the default “No Monitoring” Group.

To Enable monitoring for a Device you need to move it from “No Monitoring” group to any

of the group where monitoring is enabled.

2. Creating and Activating Monitoring Groups

To create and activate SNMP Device Monitoring Groups go to the Nectus Home Screen and select Monitoring -> SNMP Monitoring Groups -> Device Monitoring Groups.

This opens the “Device Monitoring Groups” dialog.

Nectus provides you with two predefined Monitoring Groups:

  • No Monitoring Group – Devices in this group are not monitored, and appear with a grey icon in the SNMP Devices Panel.
  • Default Monitoring Group – Devices in this group are monitored by Nectus. Their icons are either green or red, reflecting the state of the Device.

Click the Add Group button to open the Add Monitoring Device Group dialog and create an additional Monitoring Group.

To monitor a group, check its Enable Monitoring box in the Device Monitoring Groups dialog box.

Next select the Monitoring Profile you want to use for the Group. See the next section for more information on Monitoring Profiles.

Next click the Edit Alert Recipients icon to open the Alert Recipients dialog box and select lists that specify who will receive alerts from this particular Monitoring Group and Profile.

3. Creating and Customizing Monitoring Profiles

Each Monitoring Group must have a Device Monitoring Profile that determines which parameters are monitored. You can customize this Profile, and create additional Profiles for each Monitoring Group.

To edit the default Profile or create a new one, click the Edit icon to the left of the Monitoring Profile for the Group. This opens the Edit Device Monitoring Profile dialog box.

Each of the four tabs in this dialog contains parameters you can monitor. Many of the parameters allow you to set Threshold values or other customizations.

Set the Enabled checkbox next to each Parameter you want to monitor. Check any of the Log to DB, Email Alerts, SMS Alerts, or Traps Alerts boxes to send those types of alerts.

4. Customizing Alerts

To customize the alerts, click the Edit Alert Templates button to open the Edit Alert Handler dialog box.

If you select Email Alerts or SMS Alerts, Nectus will generate Alert messages when the Parameter goes out of bounds and Recovery messages when the Parameter returns to normal.

Selecting the tab for one of these messages allows you to customize the appearance of that message.

5. Placing Devices in Monitoring Groups

Once you have created the Monitoring Groups you want to use you need to place Devices in them. To do so, click the Monitoring Group Name to open the Edit Monitoring Device Group dialog box.

Select the Group you want to add Devices to on the left, and the Group you want to take them from on the right. Use the arrows to move Devices between the two Device Groups.

Note that if you move a Device that is currently being monitoring into the No Monitoring Group, Nectus will immediately stop monitoring that Device. This can be useful for situations where you know a device will be down for some time (extended maintenance, for example) and you don’t want the system to send alerts.

Working with SNMP Traps in Nectus NMS

, ,

One of the key features of Nectus is ability receive SNMP traps.  This allows the operator to quickly detect physical (links failures, flaps) or logical (adjacencies failures, flaps) changes in the network followed by restoration procedures or root cause analysis.
Let’s see how does it work on example of this Layer 2 diagram:

The SNMP traps are located in top menu “Logs” -> “SNMP traps and Syslog”.

More exactly here:

Once the devices starts sending SNMP traps, they appears withing 2-3 minutes in Nectus:

At the time of the writing, the new SNMP traps decoding is added manually by the Nectus support team, but in the future the operator will have the ability to add the traps decoding with no external assistance.
All these traps were sent by R1 and R2 when GigabitEthernet0/1 on R1 was shut down. Because OSPF was running between R1 and R2, disabling the interface lead to OSPF adjacency between the two routers to go down.
As you can see, some OIDs are represented their original format, whereas some OIDs are represented in a more human readable format.
The details of a trap might look like this:

With the above trap details, you can tell that this is “link down” trap.
However, with other traps, you might need additional knowledge to figure what they represent.
Let’s take another example of detailed trap:

This trap was sent by R1 and it is a neighbor state change(.1.3.6.1.2.1.14.16.2.2):

And it can be read like this: Router-ID 192.168.0.2(.1.3.6.1.2.1.14.1.1) declared neighbor 192.168.0.3(.1.3.6.1.2.1.14.10.1.3) with IP address on the interface 10.0.0.14(.1.3.6.1.2.1.14.10.1.1) as Down(.1.3.6.1.2.1.14.10.1.6 with value of 1).
Obviously this is not very intuitive and Nectus should do all the the decoding so that the operator will not go through all the effort to find what each OID means.

In the future releases user will have an option  to add the decoding for new or unknown SNMP traps via GUI.

 

Network Discovery timers vs Network Monitoring timers

, ,

One of the first steps that we normally perform during POC is timer tuning for ICMP and SNMP for Discovery and Monitoring services.

Normally Discovery should have different timer values than Monitoring because Discovery operates in a “pessimistic” model when IP address

that is being probed by Discovery engine is likely not to be alive or  not to respond to SNMP therefore timeoute values and retry counts has to be very aggressive

for example 100 ms Timeoute with 2 Retries  for ICMP is normally sufficient. SNMP timer for Discovery have typical values of 1000ms and 1 retry.

Aggressive Discovery timers also reduces amount of traffic being generated and make discovery jobs run faster.

 

Monitoring Service timers are in opposite spectrum,  as Monitoring service operate in “optimistic” mode where it expects for all devices that are enabled for monitoring

to respond and timers has to be tuned to maximum wait time with ICMP timers as high as 300ms and SNMP timers as high as 5000 ms to support bigger/busier devices like Nexus 7018.