Re: [Nagios-users] Trend Micro Officescan snmp-trap

2011-04-06 Thread Jim Avery 
I'm not sure the specifics of getting Trend to send traps (I simply
asked my Trend admin person to set it up!).  Trend should be able to
provide you with the relevant MIB file.

To configure Nagios to receive the traps, I recommend you use snmptt.
The specific instructions relating to Nagios are at:

http://www.snmptt.org/docs/snmptt.shtml#Nagios-Netsaint


You will need to use the snmpttconvertmib utility to convert Trend's
MIB file to a config for snmptt.  Note I found that the format of the
OID's for the traps generated from our Trend systems didn't always
match what was in the MIB, so I had to create some new config entries
for snmptt based on the ones translated using snmpttconvertmib, but
with the OIDs edited to match what we were receiving - for example:


# These traps are pretty much same as from trend.mib, but with .999.
instead of .141.
EVENT virusFound .1.3.6.1.4.1.6101.999.3.3 "Status Events" critical
FORMAT Virus Found Trap: $*
SDESC
 This event trap will be sent when a virus is found
Variables:
  1: tvcsEventTrapVar
PREEXEC /bin/echo $s | /bin/sed -e s/ok/0/ -e s/warning/1/ -e s/critical/2/
EXEC /usr/local/nagios/libexec/eventhandlers/submit_check_result $A
"SNMP-Trap-Trend" $p1 $N "$*"
EDESC
#
#
#


Note the PREEXEC and EXEC entries which are used to translate the
incoming trap in to a format which can be submitted as a passive check
to Nagios via Nagios' command interface.  You may need to edit the
EVENT line in each config entry to change the severity as appropriate
to "ok", "warning", or "critical" so it can be processed by the
PREEXEC line.


I hope that helps a little.

Cheers,

Jim

--
Xperia(TM) PLAY
It's a major breakthrough. An authentic gaming
smartphone on the nation's most reliable network.
And it wants your games.
http://p.sf.net/sfu/verizon-sfdev
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

[Nagios-users] Trend Micro Officescan snmp-trap

2011-04-06 Thread Michael Boeckmann 
Hi there,

does anyone know how to get the monitoring of Trend Micro Officescan running.

I´am completely new to snmp.

So I tried to learn something about it. But by now, I couldn´t find a source 
for reading and understanding it.

What are OIDs and MIBs? Where do I get them?

And how can I configure it?

The only thing I know is, that I can configure a  snmp-trap in the 
web-interface of Officescan, where I can type in the IP and community.

The TMOS-Server runs with Win-Server 2008 R2  and the Nagios 3.2.3 on a 
Debian-Squeeze-machine.

I would be very thankful.

With kind regards,

Michael Böckmann

--
Xperia(TM) PLAY
It's a major breakthrough. An authentic gaming
smartphone on the nation's most reliable network.
And it wants your games.
http://p.sf.net/sfu/verizon-sfdev___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null