Cisco Traps

Unanswered Question
Sep 25th, 2009

Hi,

We are receiving traps from our 1841 routers in our network management

tool. Cannot completely identify the MIB/OID. Receiving trap with OID:

.1.3.6.1.4.9.9.41.2.0.1,.1.3.6.1

Have identified up to the last 4 digits as "clogMessageGenerated" for the

"CISCO-SYSLOG-MIB" MIB. Cannot identify the last four of ".1.3.6.1."

-Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Lucien Avramov Fri, 09/25/2009 - 09:13

1.3.6.1 is the internet mib, it's how most of the oids start with.

For example: .1.3.6.1.4.9.9.41.2.0.1

In your case, there is something missing on your network management tool and only the beginning of an oid is displayed with .1.3.6.1.

Also there is a coma: , between the first and second oid you pasted:

1.3.6.1.4.9.9.41.2.0.1,.1.3.6.1

georgeef1 Mon, 10/05/2009 - 15:12

Hi lavramov,

Sorry if I was missing the "." I was/am

good on up through .1.3.6.1.4.9.9.41.2.0.1. But our OpManger is also displaying or receiving a ,.1.3.6.1 at the end of the OID, which I can't find documentation on. And, yes, there is a comma in the OID received by OpManager.

The good news is that with our syslog manager, I was able to coordinate a

syslog event with the SNMPv3 trap. The traps are SNMPv3 traps and I am beginning to implement SNMPv3 traps, or attempting to. The events are

switch-module interface Link Up, Link Down Warning (SEC-3) syslog events on

the 1841 routers sent as SNMPv3 traps. I am only receiving this trap from

my sites running SNMPv3. Unfortunately, it appears that I can't decipher

more in the trap, other than the OID, i.e. I cannot determine the exact

source of the trap or the exact syslog event (Link Up or Link Down?). I

essentially only know that it is a syslog event and was able to determine

what syslog event by reviewing my syslogs and matching time-stamps. I don't know if it is an issue with the encryption? I know that the SNMPv3

encryption is working fine for polling. OpManager polls the device and gets

the correct device model, interfaces, CPU, etc. If you had some good

documentation on implementing SNMPv3 traps that would be outstanding. I am

hoping to replace syslogs with SNMPv3 encrypted traps for increased

security.

But I would like to know what the ",.1.3.6.1" signifies in the OID? And

good documentation on SNMPv3 private traps would be great, if you have it?

Here's the full MIB/OID, again, so that there's no confusion. Need to know

what the last four digits signify:

.1.3.6.1.4.9.9.41.2.0.1.,.1.3.6.1

Please suggest.

-Thanks

Actions

This Discussion