[c-nsp] OT: SNMP trap receiver/alerter.
Giles Coochey
gcoochey at sapphire.gi
Thu Feb 14 04:23:26 EST 2008
>
>
> But with using the above with nagios, it is kind hard to clear the
> alarms if you have multiple interfaces going up/down on 1 box since
> nagios seems to track status for the entire service. (These are
> submitted to a passive service called TRAP).
>
> I have also been looking at
>
> http://kodu.neti.ee/~risto/sec/
>
> To do event correlation, but haven't had the time to get it all
> integrated as of yet.
>
We're using a combination of snmptrapd, snmptt, sec.pl and Nagios and it
looks like it can do what we want.
For simple things it works just fine, if you want complex event
correlation then sec.pl can do it, but it all gets pretty involved with
regular expressions, events contexts and the like.
More information about the cisco-nsp
mailing list