Forum Discussion
Josh_41258
Nimbostratus
NimbostratusCustom SNMP Trap Definition
My goal is to create a custom SNMP trap that will alert me when a SSL certificate is expiring soon. I have had Deb's article (http://devcentral.f5.com/Default.as...icleId=256) but still have a few qu...
nitass
Employee
Employeei am not familiar with regex. this is mine.
[root@ve1023:Active] config cat user_alert.conf
alert CERT_EXPIRE "Certificate (.*?w.*?) in file (.*?w.*?) will expire on (.*?)" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.300"
}
[root@ve1023:Active] config logger -p local0.warning "Certificate 'mywork.com' in file mywork.com.crt will expire on Fri Nov 11 23:59:59 2011 GMT"
[root@ve1023:Active] config tcpdump -nni 0.0 -s0 udp port 162
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on 0.0, link-type EN10MB (Ethernet), capture size 65535 bytes
19:08:13.288342 IP 172.28.65.150.44961 > 192.168.206.102.162: V2Trap(192) .1.3.6.1.2.1.1.3.0=10469 .1.3.6.1.6.3.1.1.4.1.0=.1.3.6.1.4.1.3375.2.4.0.300 .1.3.6.1.4.1.3375.2.4.1.1="Certificate 'mywork.com' in file mywork.com.crt will expire on Fri Nov 11 23:59:59 2011 GMT" .1.3.6.1.6.3.1.1.4.3.0=.1.3.6.1.4.1.3375.2.4 out slot1/tmm0 lis=
Next, how do I name the trap like the pre-defined traps are. The trap is coming through to my NMS as something generic like "bigIpNotifications.300"
The log message is contained in bigipNotifyObjMsg, but is there a way that I can separate the variable fields (such as the certificate file name, date, etc) into separate fields like bigipSSLCertName, etc so I can parse them on my NMS? All of the pre-defined traps seem to be parsed separately like this.i guess we have to modify f5 mib file; anyway, i have never done it before and not sure if it is supported. hope someone here knows. i am interested too. 🙂
