Dell PowerConnect W-Airwave 7.7 Administrator's Guide
Integrating Dell Networking W-AirWave 7.7 with
Centralized NMS Event Correlation
Overview
This document describes the AirWave alert/trap workflow when integrating with a centralized NMS Event Correlation
System. This document includes the following topics:
l "Adding NMS Event Correlation Servers to AirWave" on page 1
l "Configuring Alerts/Traps in AirWave" on page 2
l "Viewing Alerts in Various Destinations" on page 4
l "Acknowledging Alerts" on page 5
l "Compiling the AirWave MIB on NMS" on page 5
l "Matching Severity in the NMS Event Correlation Servers" on page 5
l "Actual MIB for SNMPv2c" on page 5
Adding NMS Event Correlation Servers to AirWave
Perform the following steps to add an event correlation server to AirWave
1. Navigate to AMP Setup > NMS and click Add.
2. Configure server settings. Note that the configuration options can vary depending on the SNMP version that you
select.
Ifyou select SNMPv3, then you must also configure your application (i.e the application that will receive the traps/informs)
for SNMPv3. You will need to set up the engineID, authentication, and Priv parameters and then restart your application
before you can receive the SNMPv3 informs.
0511042-04 | July 2013 Integrating W-AirWave with Centralized NMSEvent Correlation | Integration
Figure 1 AMP Setup> NMS > Add NMSServer Page Illustration
Configuring Alerts/Traps in AirWave
1. Navigate to Systems > Triggers, as shown in Figure 2.
2. Select one of the built-in Alerts/Traps.
3. Click Add.
2 Integrati ng W-AirWav e with Central ized NMSEvent Correl ation | NMS Integration
Figure 2 Configuring a Client Count Trigger
Configure properties for the Alert/Trap
l Thresholds for the alert (quantity and time)
l Severity of alert
l Distribution options
l Notification Method
n Sender
n Recipient
n NMS – sends SNMP traps
l Alert Suppression
Integrati ng W-AirWav e with Central ized NMSEvent Correl ation | NMS Integration 3
Viewing Alerts in Various Destinations
As seen on the System > Alerts page of the AirWave console:
Figure 3 System > Alerts Page Illustration
As seen in email from the recipient’s perspective:
Figure 4 Email recipient of an alert
As seen by the NMS server via a tcpdump of the actual alerts:
Client Count
10:32:52.964243 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto 17, length: 284) tipi.c
orp.airwave.com.38979 > airwave-openvie.snmptrap: [bad udp cksum ebf4!] { SNMPv2c C=foo { V2Tr
ap(242) R=47680 system.sysUpTime.0=10 S:1.1.4.1.0=E:12028.4.15.0.3 E:12028.4.15.1.101=2 E:12028
.4.15.1.102=4 E:12028.4.15.1.103="Device: HQ-Engineering https://demo.airwave.com/ap_monitoringid=11277: AP User Count >= 2 users for 15 minutes" E:1202
8.4.104=10.2.26.164 } }
Device Down
10:32:23.055999 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto 17, length: 261) tipi.c
orp.airwave.com.38934 > airwave-openvie.snmptrap: [bad udp cksum e740!] { SNMPv2c C=foo { V2Tr
ap(219) R=47676 system.sysUpTime.0=10 S:1.1.4.1.0=E:12028.4.15.0.13 E:12028.4.15.1.101=2 E:1202
8.4.15.1.102=4 E:12028.4.15.1.103="Device: Aruba-AP65-ap.2.2.3 - https://demo.airwave.com/ap_mo
nitoringid=1: Device Down " E:12028.4.104=10.51.3.46 } }
OID Breakdown
12028.4.15.1.102 contains Severity Code
l 2 = Normal
l 3 = Warning
4 Integrati ng W-AirWav e with Central ized NMSEvent Correl ation | NMS Integration
l 4 = Minor
l 5 = Major
l 6 = Critical
12028.4.15.1.103 contains several fields separated by colons
l Object Type {Client, AirWave, Device/AP, Group)
l Object Name and URL (the URL is optional, if it exist then it will be separated by a dash (-)}
l Trap Description and Evaluation Elements
12028.4.15.1.104 contains device IP Address
l Group Traps will contain AirWave’s IP address.
Acknowledging Alerts
AirWave alerts must be manually acknowledged from the System > Alert page. AirWave does not currently provide an
external interface to acknowledge alerts from an NMS server.
Compiling the AirWave MIB on NMS
1. Navigate to AMP Setup > NMS.
2. Click on the Download link.
3. Transfer to NMS server.
4. Compile on NMS server.
Matching Severity in the NMS Event Correlation Servers
Most NMS Event Correlation systems have the ability to color code and escalate based on information received in the
trap, as shown in Figure 5. The OID 12028.4.15.1.102 contains the AirWave severity code.
Figure 5 Color Codes
Actual MIB for SNMPv2c
Traps in grey text are unused.
- ********************************************************************
-- * Definitions
-- ********************************************************************
Integrati ng W-AirWav e with Central ized NMSEvent Correl ation | NMS Integration 5
awampApName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The AP Name"
::= { awamp 101 }
awampGroupName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The Group Name"
::= { awamp 102 }
awampAPEthMAC OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IEEE Unique Identifier"
::= { awamp 103 }
awampAPIP OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IP Address of the AP (Eth0)"
::= { awamp 104 }
awampAPMFG OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"AP MFG"
::= { awamp 105 }
awampAPModel OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"AP Model"
::= { awamp 106 }
awampAPFirmware OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"AP Firmware"
::= { awamp 107 }
awampROCommString OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Read Only Community String (not currently used)"
::= { awamp 108 }
awampHPOVHostName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Hostname of the AP"
6 Integrati ng W-AirWav e with Central ized NMSEvent Correl ation | NMS Integration
::= { awamp 109 }
awampHPOVSYSID OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Hp OpenView Object Id"
::= { awamp 110 }
awampHPOVMAC1 OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"First Radio MAC on AP"
::= { awamp 111 }
awampHPOVIP1 OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"First Radio IP AP"
::= { awamp 112 }
awampHPOVMAC2 OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Second Radio MAC on AP"
::= { awamp 113 }
awampHPOVIP2 OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Second Radio IP AP"
::= { awamp 114 }
awampHPOVsysName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Hostname of the AP"
::= { awamp 115 }
awampHPOVsysDescr OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Hostname of the AP"
::= { awamp 116 }
- ********************************************************************
-- * awampEvent parameter definitions
-- ********************************************************************
awampEventID OBJECT-TYPE
SYNTAX INTEGER32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Random number AMP assigns to the event."
::= { awampEventObject 101 }
awampEventSeverityCode OBJECT-TYPE
SYNTAX INTEGER32
Integrati ng W-AirWav e with Central ized NMSEvent Correl ation | NMS Integration 7
Loading...