|
|
| Subject: | Zentrap.log |
| Author: | [Not Specified] |
| Posted: | 2015-10-17 12:04 |
Hi,
I've made my first Zenoss install and I'm having a little trouble with some stuff.
I'm trying to make some event classes to classify correctly the events received from a CS1K PBX. I've loaded the mib and the events and I've made some progress with transformation rules to avoid duplication.
What I'm struggling with is to be able to make a match based on the information received within the event details.
Within the even details there is an information element called commonmiberrcode. Within the detail there is a an error code made up of 3 to 4 characters and number between 3-4 digits
I want to classify events based on the error code combination but I have no clue on how to do it.
In addition, I would have like to add the Zentrap.log information to help but I'm not able to find it at least in Zenoss version 5
Any help would be appreciated.
Thanks,
Alex
| Subject: | Have you got my Zenoss Event |
| Author: | Jane Curry |
| Posted: | 2015-10-19 14:52 |
Have you got my Zenoss Event Management paper from http://www.skills-1st.co.uk/papers/jane/zenoss4-events/ There are some examples in there for decoding the TRAP varbinds which might help you. Although the paper is written for Zenoss 4, the transform mechanism should be just the same in Zenoss 5.
Cheers,
Jane
Email: jane.curry@skills-1st.co.uk Web: https://www.skills-1st.co.uk
| Subject: | Jane, |
| Author: | [Not Specified] |
| Posted: | 2015-10-22 04:16 |
Jane,
I have reviewed your document and perhaps I have not understood the use of the transform function. This is the transform I have made:
# Let's grab the details from the CS1K
for d in evt.details._map.keys():
if d == 'commonMIBErrCode':
query = evt.details.get(d)
evt.message = "CS1K ALARM:\n" + query
evt.summary = "ERR:\n" + query
In my case the eventClassMapping always contains the commonMIBAlarmMajor, commonMIBAlarmMinor, commonMIBAlarmCritical, but the important bit is the information contain within the commonMIBErrCode which is in the Event Details. For example commonMIBErrCode ITG2107. For each code there is a detail description and even a possible resolution method.
My doubt is if I should create an instance name for each alarm within the commonMIBErrCode with a RegEx or Python Rule which is where I'm struggling or a transform which could be huge and not pratctica.
Thanks.
Alex
| < |
Previous WinRM - High CPU Load |
Next How long will 4.x be supported? |
> |