Sending SNMP trap messages with SENDTRAP

One important way for the BMC Defender Server to interoperate with other network managers on the network is to send SNMP trap messages to those managers. This is accomplished with the SENDTRAP.bat action program.

The SENDTRAP.bat action, when configured on the Actions screen, will send a standard SNMP V2 trap to a trap receiver on a remote (or the local) platform whenever a message is received that matches the configured pattern. You can elect to send all messages as SNMP traps, or a range of messages. You might want to configure multiple instances of SENDTRAP.bat actions to match complex patterns based upon devices, text strings, severities, or other criteria.

The SNMP Network Manager trap receiver should be listening for SNMP traps at the standard port number of 162. The trap message, sent by the BMC Defender Server, contains a variable binding with the message attached, and the trap number is the severity number of the message that initiated the trap, ranging from 0 to 7. This should make the reception of SNMP traps, and the decoding of these messages, somewhat trivial.

To configure the SENDTRAP.bat action program, simply add the program with two arguments: the first argument is the trap destination (that is, the hostname or IP address of the platform running the trap receiver). The second argument is the trap community. The trap community is a required argument to the SENDTRAP.bat program, even if the manager does not require it. (The industry standard trap community that generally work for most managers, is public.) In general, the trap community is a short text string, with no spaces, that serves as a password to the trap receiver. (If you have questions, contact the administrator of the SNMP network manager, who will give you the correct value.)

The SENDTRAP.bat program makes use of the net-snmp/snmptrap.exe program. This is a standard utility of the Net-SNMP open source software. The location of this software is specified in the Messages > Config > Parms screen and is by default the directory BMC Defender Server/net-snmp. Although the SENDTRAP.bat program is configured to send SNMPv2 traps, it can also be reconfigured to send SNMPv3 traps, or Inform type traps. This information is well documented within the standard Net SNMP distribution software.

If the SNMP network manager requires MIB definitions for the trap, you can compile the official trap definitions at the SNMP network manager. These trap definitions reside in the BMC Defender Server-doc/BMC Defender Server-MIB.txt file in standard ASN.1 format. As shown in this file, the enterprise object used in the trap is experimental.514, and the trap contains a single variable binding of sysDescr.0, that contains the originating message hostname and text.