SNMP Trap parameters screen


As part of the Windows installation, you can create a new tab in the Message > Config section of the BMC Defender web interface that permits you to configure various parameters associated with the SNMP Trap Monitor background program. The following image depicts the screen available only to BMC Defender administrators:

snmpTrap_param.png

This screen is a standard BMC Defender parameter editor screen. You can click Edit to edit parameter values. Once the monitor values have been modified, you can click Save to save the values. These values are subsequently read by the background process and applied to future SNMP Traps received by the program.

Parameters are described as follows:

  • Match SNMP Trap community—This value is a keyword or wildcard that must match the community of any received trap. The default value of ( * ) matches any trap community. You can limit the reception of traps to a particular trap community.

    Note

    The community string is often used as a password when configuring the trap destination for a particular device and is a standard SNMP configuration item for SNMP agents of all types. You should consult the documentation of the particular SNMP agent or trap sender for notes on how to configure the source trap community.

  • Output message format—This setting allows control over the message format and how the SNMP Trap is converted to a syslog message. The default setting of ergonomic parses any textual variable bindings from the trap and appends these values to the syslog message. Other options include Bind Ordered, Brief, and Default. These options are documented in the next section.
  • Receive standard traps—This setting controls whether standard coldstart, warmstart, linkup, linkdown, and neighborloss traps are converted to syslog messages. Most agents generate these standard traps. By default, these traps are converted to syslog messages by the CO-systrap.exe background process and appear in BMC Defender as a syslog message.
  • Use standard facility—This setting controls the facility associated with standard traps. By default, the Network facility is used when an SNMP Trap converts to a syslog message. The operator can select some other value for standard SNMP Traps.
  • Use standard severity—This setting controls the severity associated with standard traps. By default, the Notice severity is used when a standard SNMP trap is converted to a syslog message. The operator can select some other severity for standard SNMP Traps.
  • Receive enterprise traps—This setting controls whether enterprise traps (that are defined by the SNMP agent vendor) are converted to syslog messages. By default, these traps convert and appear in BMC Defender as a syslog message. To disable the transmission of enterprise traps, this value can be set to False, and enterprise traps are not sent to the BMC Defender server.
  • Use enterprise facility—This setting controls the facility associated with enterprise traps. By default, the Network facility is used when an SNMP Trap is converted to a syslog message. The operator can select some other value for enterprise SNMP Traps.
  • Use enterprise severity—This setting controls the severity associated with enterprise traps. By default, the Info severity is used when an enterprise SNMP Trap is converted to a syslog message. The operator can select some other severity for enterprise SNMP Traps.

    Note

    Enterprise traps can actually be of any particular severity, hence the Severity Override facility of BMC Defender is often used to set a precise severity for enterprise traps.

  • Receive auth traps—This setting controls whether authentication traps are converted to syslog messages. These special types of traps indicate that a network manager has attempted to access the agent using an improper community name. This is such a common occurrence (on some networks) that the BMC Defender server operator can specifically disable the issuance of an Auth Type trap. By default, BMC Defender Server reports Auth Type traps with the same facility and severity as a standard trap.
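
The following model shows how the parameters above combine for a single received trap. It is an added example, not BMC Defender code: the field names, the evaluation order, and shell-style wildcard matching of the community are assumptions, and the generic-trap codes are the SNMPv1 values from RFC 1157.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import List, Optional, Tuple

# SNMPv1 generic-trap codes (RFC 1157).
STANDARD = {0: "coldStart", 1: "warmStart", 2: "linkDown", 3: "linkUp", 5: "egpNeighborLoss"}
AUTH_FAILURE, ENTERPRISE_SPECIFIC = 4, 6

@dataclass
class TrapConfig:
    """Hypothetical field names; defaults are the ones documented above."""
    match_community: str = "*"
    receive_standard: bool = True
    standard_facility: str = "Network"
    standard_severity: str = "Notice"
    receive_enterprise: bool = True
    enterprise_facility: str = "Network"
    enterprise_severity: str = "Info"
    receive_auth: bool = True

def route_trap(cfg: TrapConfig, community: str, generic_trap: int) -> Optional[Tuple[str, str, str]]:
    """Return (trap class, facility, severity), or None when the trap is dropped."""
    # Assumption: the community check runs first and uses shell-style wildcards.
    if not fnmatchcase(community, cfg.match_community):
        return None
    if generic_trap == AUTH_FAILURE:
        # Auth traps reuse the standard facility and severity.
        return ("auth", cfg.standard_facility, cfg.standard_severity) if cfg.receive_auth else None
    if generic_trap in STANDARD:
        return ("standard", cfg.standard_facility, cfg.standard_severity) if cfg.receive_standard else None
    if generic_trap == ENTERPRISE_SPECIFIC:
        return ("enterprise", cfg.enterprise_facility, cfg.enterprise_severity) if cfg.receive_enterprise else None
    return None  # not a defined SNMPv1 generic-trap value

def audit(cfg: TrapConfig) -> List[str]:
    """Flag settings that widen what is accepted or reduce what is logged."""
    findings = []
    if cfg.match_community == "*":
        findings.append("community match '*' accepts traps sent with any community string")
    if not cfg.receive_auth:
        findings.append("auth traps off: improper-community access attempts are not reported")
    if not cfg.receive_enterprise:
        findings.append("enterprise traps off: vendor-defined events never reach the server")
    return findings

if __name__ == "__main__":
    restricted = TrapConfig(match_community="noc-*")  # constructed community pattern
    for community, code in [("public", 3), ("noc-core", 3), ("noc-core", 4), ("noc-core", 6)]:
        print(community, code, route_trap(restricted, community, code))
    print(audit(TrapConfig()))
```
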



 
