SNMP traps sent from ArcSight Express appliance are dropped
i need to understand SNMP TRAP mechanism for NNMi 9.2x because i have the following issue:
I have an equipment ( an ArcSight equipment ) and am receiving traps from it. I can see the trap running from cmd nnmtrapdump.ovpl command but they are not displayed into NNMi -> Incident Browsing -> SNMP Traps.
So I checked to see if :
- The trap it's enable and configured, and it is (on Configuration -> Incidents -> SNMP Trap Configurations).
- The Discard Unresolved SNMP Traps and Syslog Messages it's unchecked, it is unchecked.
Because on the equipment I don’t have SNMP agent I added the nod as non-snmp thinking that cannot receive SNMP Traps from an equipment that NNMi does not discovered it. No result.
More of that i try to send my one traps from nnmi using an nttrapgen.exe directly from NNMi. I am able to see the traps using nnmtrapdump but they are displayed.
As long as the node originating the trap is in the system (originating IP address has to match) inventory, the traps if enabled will be accepted and tagged to that node. I've got a very similar situation with the HP ILO management modules whcih have the ability to send traps, but no SNMP agent engine on the device.
Have a nice day :)
Andy Kemp I've lasted longer in the technology industry than most certifications.
It may get on the List of disallowed/disabled trap OIDs or Blocking Caches long time ago.
Verify this with
To clear blocking cache
To unblock traps
nnmtrapconfig.ovpl -setProp unblockTraps
If you still see some traps on disabled list but they are enabled, try to restart trap service
To turn blocking back
nnmtrapconfig.ovpl -setProp blockTraps
I hope this may help
Sergey Pankratov HPE Support
The views expressed in my contributions are my own and do not necessarily reflect the views and strategy of HPE If you find this or any post resolves your issue, please be sure to mark it as an accepted solution. If you are satisfied with anyone’s response please remember to give them a KUDOS and show your appreciation
Thank for the output but still is not solving my problem. So for that I took the hard way on the NNMi server (windows server) I put sniffer on it to see what kind of snmp traps packets are coming for all the equipment’s that are sending traps.
Here is the output:
For a Cisco equipment that send snmp trap (link Down).