Wir haben AKCP mit sensoren, welche folgende Nachricht als AKCP-Trap senden:
SNMPv2-MIB::sysUpTime.0: 431606731(The time (in hundredths of a second) since the network management portion of the system was last re-initialized.), SNMP-COMMUNITY-MIB::snmpTrapAddress.0: 10.1.20.1(The value of the agent-addr field of a Trap PDU which is forwarded by a proxy forwarder application using an SNMP version other than SNMPv1. The value of this object SHOULD contain the value of the agent-addr field from the original Trap PDU as generated by an SNMPv1 agent.), SNMP-COMMUNITY-MIB::snmpTrapCommunity.0: public(The value of the community string field of an SNMPv1 message containing a Trap PDU which is forwarded by a a proxy forwarder application using an SNMP version other than SNMPv1. The value of this object SHOULD contain the value of the community string field from the original SNMPv1 message containing a Trap PDU as generated by an SNMPv1 agent. There is no SIZE constraint specified for this object because RFC 1157 does not impose any explicit limitation on the length of community strings (their size is constrained indirectly by the SNMP message size).), SNMPv2-MIB::snmpTrapEnterprise.0: SNMPv2-SMI::enterprises.3854.1(The authoritative identification of the enterprise associated with the trap currently being sent. When an SNMP proxy agent is mapping an RFC1157 Trap-PDU into a SNMPv2-Trap-PDU, this variable occurs as the last varbind.), SNMPv2-SMI::enterprises.3854.1.7.1.0: 6, SNMPv2-SMI::enterprises.3854.1.7.2.0: 1, SNMPv2-SMI::enterprises.3854.1.7.3.0: 0, SNMPv2-SMI::enterprises.3854.1.7.5.0: Dry contact I/O 3, SNMPv2-SMI::enterprises.3854.1.7.6.0: Meetingraum, SNMPv2-SMI::enterprises.3854.1.7.8.0: 10, SNMPv2-SMI::enterprises.3854.1.7.9.0: High Critical, SNMPv2-SMI::enterprises.3854.1.7.12.0: Internal RJ45, SNMPv2-SMI::enterprises.3854.1.7.16.0: 1.4
besonders wichtig hierbei ist das SNMPv2-SMI::enterprises.3854.1.7.9.0: High Critical
.
Die Regel im default rule pack ist wie folgt:
Leider wird diese nicht beachtet. Eine andere regel, welche bei text to match “normal” hat und wo in der trap SNMPv2-SMI::enterprises.3854.1.7.9.0: Normal
steht, funktioniert. Die “Normal-Regel” ist unter der “High Critical-Regel”
Was habe ich falsch eingstellt?
Danke im Voraus!