BMC Defender SNMP Monitor adapter

This is a description of the BMC Defender SNMP Monitor adapter. Add this adapter to the BMC Defender Server to expand BMC Defender to include monitoring of SNMP MIB objects.

The documentation includes installation procedures, operating theory, application notes, and features.

The SNMP Monitor consists of several components. A background process continuously polls MIB objects and compares them to thresholds. You can configure the objects to poll and you can specify the syslog message that is sent when thresholds are violated. Additionally, you can inspect the value of SNMP objects collected on the system.

This documentation is intended for BMC Defender users who operate the system, as well as system administrators responsible for installing the software components. This documentation might also be of interest to program developers and administrators who want to extend the range of the BMC Defender system's role within an enterprise to include SNMP monitoring. 

The SNMP Monitor Adapter software extends the BMC Defender system to enable polling and monitoring of system values using standard SNMPv1 and v2. This enables BMC Defender to actively monitor system dynamics and states.

The BMC Defender SNMP background process continuously polls selected devices for values, compares these values against user-defined thresholds, and then sends syslog messages (of user-specified severity and content) to the main BMC Defender Server. This gives BMC Defender more awareness of the network and enterprise state.

You can configure and monitor the BMC Defender SNMP Monitor adapter background process with the main BMC Defender web interface. You configure address groups that are polled for specific values and define the message and severity that is sent to BMC Defender when a value trips a threshold. This enables you to monitor CPU usage, network traffic, TCP connections, as well as less direct configuration items such as printer status, host resources, disks, and peripheral devices.

Software components

The BMC Defender SNMP Monitor adapter includes the following components:

• CO-SNMP.exe program—This is the polling agent that gathers SNMP information. The process is configured to run on BMC Defender system startup (using the System > Schedule screen).
• SNMP configuration screen—This is a support screen, available under Messages > Adapters > SNMP in the BMC Defender web interface. On this screen, you can configure the MIB objects to be polled, the thresholds for MIB objects, and the syslog message that is sent when thresholds are violated.
• GETSNMP support utility—This is a command line utility installed in the System directory of BMC Defender. Use it to interactively fetch MIB objects by their OID value. This is useful for testing and for system development.

System diagram

The BMC Defender SNMP Monitor adapter process is a background process on the BMC Defender Server. This process reads configuration data that is configured by the operator and continuously polls a list of devices. (The devices are specified by IP address, IP address wildcard, or standard BMC Defender address group specification.)

As the process polls the list of managed devices, it compares each value to an operator configured threshold. If the value exceeds the threshold, the SNMP Poller process issues a syslog message to the BMC Defender Server. The operator configures the message and its severity. The message appears in correlation threads and tickets.

The following diagram illustrates the CO-SNMP.exe process continuously polling a list of managed devices. The devices run native SNMP agents and can be Windows platforms, UNIX servers, routers, switches, and other network equipment.

You can configure and monitor the polling process using the Messages > Adapters > SNMP screen of the main BMC Defender Server web interface.

This section provides information about the following topics: