这里定义的所有snm trap都需要配置了snmp trap相关配置后才有效(WEB界面上配置的snmp trap)
邮件发送的话则需要先配送postfix
如果需要自定义alert执行的项目的话,可以在/config/user_alert.conf中配置
[root@Active] alertd # more alert.conf
/***************************************************************
* If any alert is changed, the related SNMP trap OID needs to
* be changed accordingly, which is installed in
* /usr/share/snmp/mibs/F5-BIGIP-COMMON-MIB.txt.
*
* Be careful, any SNMP OID change will affect customers.
* So, it is rather deprecating old one and creating a new than
* modifying the exist one.
***************************************************************/
/***************************************************************
* The lcdwarn messages can be one of 5 levels:
* 0 - warning - makes the Alert LED glow yellow
* 1 - error - makes the Alert LED blink yellow
* 2 - alert - makes the Alert LED glow red
* 3 - critical - makes the Alert LED glow red
* 4 - emergency - makes the Alert LED blink red
*
* You may use lcdwarn or clearlcd_* command line programs to add
* or clear warnings from the LCD/LED.
* It is possible that you will have some warnings and some alerts, so
* when you clear the error, the LED will stop being red and turn
* yellow. You will have to clear that error seperately.
***************************************************************/
/*
* from system_check
*/
alert BIGIP_SYSTEM_CHECK_E_CPU_TEMP_HIGH {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.4";
lcdwarn description="CPU Temp too high." priority="3"
}
alert BIGIP_SYSTEM_CHECK_E_CPU_FAN_SPEED_LOW {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.5";
lcdwarn description="CPU fan too slow." priority="3"
}
alert BIGIP_SYSTEM_CHECK_E_CPU_FAN_SPEED_BAD {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.6";
lcdwarn description="CPU fan bad." priority="3"
}
alert BIGIP_SYSTEM_CHECK_E_CHASSIS_TEMP_HIGH {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.7";
lcdwarn description="Chassis Temp too high." priority="3"
}
alert BIGIP_SYSTEM_CHECK_E_CHASSIS_FAN_BAD {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.8";
lcdwarn description="Chassis Fan bad." priority="3"
}
alert BIGIP_SYSTEM_CHECK_E_CHASSIS_POWER_BAD {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.9";
lcdwarn description="Power Supply bad." priority="4"
}
/*
* from bigd (CR36393) -- changed from mcpd messages in v9.2.0 (CR46190) and hotfix v9.0.5
* For the following 4 alerts, messages need to be used in pattern match to
* distiguish different ipaddr, port, etc. So, if these messages are changed,
* the changes in alert system need to be done accordingly.
*/
alert BIGIP_MCPD_MCPDERR_POOL_MEMBER_MON_DOWN "Pool member (.*?):(.*?) monitor status down." {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.10"
}
alert BIGIP_MCPD_MCPDERR_POOL_MEMBER_MON_UP "Pool member (.*?):(.*?) monitor status up." {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.11"
}
alert BIGIP_MCPD_MCPDERR_NODE_ADDRESS_MON_DOWN "Node (.*?) monitor status down." {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.12"
}
alert BIGIP_MCPD_MCPDERR_NODE_ADDRESS_MON_UP "Node (.*?) monitor status up." {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.13"
}
/*
* from failover(sod) (CR36393)
*/
alert BIGIP_SOD_SODERR_SOD_STANDBY {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.14";
lcdwarn description="Unit going standby." priority="0"
}
alert BIGIP_SOD_SODERR_SOD_ACTIVE {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.15";
lcdwarn description="Unit going Active." priority="0"
}
alert BIGIP_SOD_SODERR_SOD_UNIT {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.16"
}
/*
* from ha_table (CR36393)
*/
alert BIGIP_HA_TABLE_HA_TABLE_ERR_FEATURE_FAILS {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.17"
}
alert BIGIP_HA_TABLE_HA_TABLE_ERR_FEATURE_ONLINE {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.18"
}
/*
* from fflag (CR36393)
*/
alert BIGIP_FFLAG_ERR_VALIDATE {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.19";
lcdwarn description="The license validation failed." priority="2"
}
alert BIGIP_FFLAG_ERR_LICENSE_EXPIRED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.20";
lcdwarn description="The license has expired." priority="2"
}
/*
* from mcpd (CR36393)
* this sends the same trap as BIGIP_FFLAG_ERR_VALIDATE
*/
alert BIGIP_MCPD_MCPDERR_DOSSIER_ERR {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.19";
lcdwarn description="The license validation failed." priority="2"
}
alert BIGIP_MCPD_MCPDERR_LICENSE_NOT_OPERATIONAL {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.19";
lcdwarn description="The license is not operational." priority="2"
}
/*
* from tamd (CR36074)
*/
alert BIGIP_TAMD_TAMDALERT_TRAP {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.21"
}
/*
* from tmm (CR36071)
*/
alert BIGIP_DOSPROTECT_DOSPROTECT_AGGRREAPER {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.22";
lcdwarn description="Blocking DoS attack." priority="2"
}
/*
* from tmm (CR36075)
*/
alert BIGIP_ARP_ARPERR_CONFLICT {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.23"
}
/*
* from tmm (CR36070)
*/
alert BIGIP_NET_NETERR_LINK_DOWN {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.24"
}
/*
* fro
m diskmonitor (CR38227)
* ALERT and WARN send the same trap
*/
alert BIGIP_DMON_ERR_DMON_ALERT {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.25"
}
alert BIGIP_DMON_ERR_DMON_WARN {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.25"
}
alert BIGIP_DMON_ERR_DMON_GROWTH {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.26"
}
/*
* from console login and sshd (CR38227)
*/
alert BIGIP_AUTH_FAIL "FAILED LOGIN (.*) FROM (.*) FOR (.*), Authentication failure" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.27"
}
alert BIGIP_SSHD_AUTH_FAIL "error: PAM: Authentication failure for (.*) from (.*)" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.27"
}
/*
* from bigpipe (CR38230)
*/
alert BIGIP_BIGPIPE_BP_CONFIGURATION_LOADED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.28"
}
/*
* from tmm (CR38226)
* all packet rejected actions send the same trap.
*/
alert BIGIP_IP_REJECT_CONN_LIMIT {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.34"
}
alert BIGIP_IP_REJECT_SNAT_ANYIP {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.34"
}
alert BIGIP_IP_REJECT_NO_MULTICAST {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.34"
}
alert BIGIP_IP_REJECT_CLOSED_PORT {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.34"
}
alert BIGIP_IP_REJECT_MAINT_MODE {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.34"
}
alert BIGIP_IP_REJECT_DST_DISABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.34"
}
alert BIGIP_IP_REJECT_SRC_DISABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.34"
}
alert BIGIP_IP_REJECT_SSL_LICENSE {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.34"
}
alert BIGIP_IP_REJECT_LIMIT {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.34"
}
alert BIGIP_IP_REJECT_NO_ROUTE {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.34"
}
/*
* from tmm (CR43653)
* The compression licensing limits have been exceeded.
*/
alert BIGIP_DEFLATE_DEFLATEERR_LICENSE_EXCEEDED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.35"
}
/*
* from tmm (CR47177)
* SSL licnense limits are exceeded. Both send the same trap
*/
alert BIGIP_SSL_SSLERR_TPS {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.36"
}
alert BIGIP_SSL_SSLERR_MPS {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.36"
}
/*
* from bcm56xxd (CR46901)
* external link status
*/
alert BIGIP_BCM56XXD_BCM56XXDERR_LINKSTATUS {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.37"
}
/*
* from trafficshield (ts)
*/
alert BIGIP_TS_TS_REQUEST_BLOCKED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.38"
}
alert BIGIP_TS_TS_REQUEST_VIOLATION {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.39"
}
/*
* from gtmd
*/
alert BIGIP_GTMD_POOL_SNMP_STATUS_CHANGE_X "SNMP_TRAP: Pool .*? state change .*? --> green" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.40"
}
alert BIGIP_GTMD_POOL_SNMP_STATUS_CHANGE_WHY_X "SNMP_TRAP: Pool .*? state change .*? --> red .*?" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.41"
}
alert BIGIP_GTMD_POOL_SNMP_DISABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.42"
}
alert BIGIP_GTMD_POOL_SNMP_ENABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.43"
}
alert BIGIP_GTMD_LINK_SNMP_STATUS_CHANGE_X "SNMP_TRAP: Link .*? state change .*? --> green" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.44"
}
alert BIGIP_GTMD_LINK_SNMP_STATUS_CHANGE_WHY_X "SNMP_TRAP: Link .*? state change .*? --> red .*?" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.45"
}
alert BIGIP_GTMD_LINK_SNMP_DISABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.46"
}
alert BIGIP_GTMD_LINK_SNMP_ENABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.47"
}
alert BIGIP_GTMD_WIP_SNMP_STATUS_CHANGE_X "SNMP_TRAP: Wide IP .*? state change .*? --> green" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.48"
}
alert BIGIP_GTMD_WIP_SNMP_STATUS_CHANGE_WHY_X "SNMP_TRAP: Wide IP .*? state change .*? --> red \(.*?\)" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.49"
}
alert BIGIP_GTMD_WIP_SNMP_DISABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.50"
}
alert BIGIP_GTMD_WIP_SNMP_ENABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.51"
}
alert BIGIP_GTMD_POOLMBR_SNMP_STATUS_CHANGE_X "SNMP_TRAP: Pool .*? member .*? state change .*? --> green"{
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.52"
}
alert BIGIP_GTMD_POOLMBR_SNMP_STATUS_CHANGE_WHY_X "SNMP_TRAP: Pool .*? member .*? state change .*? --> red .*?" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.53"
}
alert BIGIP_GTMD_POOLMBR_SNMP_DISABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.54"
}
alert BIGIP_GTMD_POOLMBR_SNMP_ENABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.55"
}
alert BIGIP_GTMD_SERVER_SNMP_STATUS_CHANGE_X "SNMP_TRAP: Server .*? state change .*? --> green" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.56"
}
alert BIGIP_GTMD_SERVER_SNMP_STATUS_CHANGE_WHY_X "SNMP_TRAP: Server .*? state change .*? --> red .*?" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.57"
}
alert BIGIP_GTMD_SERVER_SNMP_DISABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.58"
}
alert BIGIP_GTMD_SERVER_SNMP_ENABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.59"
}
alert BIGIP_GTMD_VS_SNMP_STATUS_CHANGE_X "SNMP_TRAP: VS .*? state change .*? --> green" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.60"
}
alert BIGIP_GTMD_VS_SNMP_STATUS_CHANGE_WHY_X "SNMP_TRAP: VS .*
? state change .*? --> red .*?" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.61"
}
alert BIGIP_GTMD_VS_SNMP_DISABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.62"
}
alert BIGIP_GTMD_VS_SNMP_ENABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.63"
}
alert BIGIP_GTMD_DC_SNMP_STATUS_CHANGE_X "SNMP_TRAP: Data center .*? state change .*? --> green" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.64"
}
alert BIGIP_GTMD_DC_SNMP_STATUS_CHANGE_WHY_X "SNMP_TRAP: Data center .*? state change .*? --> red .*?" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.65"
}
alert BIGIP_GTMD_DC_SNMP_DISABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.66"
}
alert BIGIP_GTMD_DC_SNMP_ENABLED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.67"
}
/*
* hard disk failure, matched string is from kernel log messages
*/
alert BIGIP_KERNEL_DMA_INTR ".*?: dma_intr: error=0x40 \{ UncorrectableError \}"{
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.68";
lcdwarn description="Hard disk is failing." priority="4"
}
alert BIGIP_KERNEL_READ_INTR ".*?: read_intr: error=0x04 \{ DriveStatusError \}"{
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.68";
lcdwarn description="Hard disk is failing." priority="4"
}
alert BIGIP_KERNEL_IO_ERROR "end_request: I/O error" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.68";
lcdwarn description="Hard disk is failing." priority="4"
}
/*
* from gtmd (CR55365)
*/
/* these two don't need pattern match since their messages
are fixed from red<--> green, not other colors used with these two messages
*/
alert BIGIP_GTMD_APPLICATION_SNMP_OBJ_STATUS_CHANGE {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.69";
}
alert BIGIP_GTMD_APPLICATION_SNMP_OBJ_STATUS_CHANGE_WHY {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.70";
}
alert BIGIP_GTMD_APPLICATION_SNMP_STATUS_CHANGE_X "SNMP_TRAP: Application .*? state change .*? --> green" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.71";
}
alert BIGIP_GTMD_APPLICATION_SNMP_STATUS_CHANGE_WHY_X "SNMP_TRAP: Application .*? state change .*? --> red" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.72";
}
/*
* from gtmd (CR56687)
*/
alert BIGIP_GTMD_GTM_JOINED_GROUP {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.73";
}
alert BIGIP_GTMD_GTM_LEFT_GROUP {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.74";
}
/*
* from sod (CR55476)
*/
alert BIGIP_SOD_SODERR_STANDBY_FAILS {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.75";
}
/*
* from tmm (CR65808, 65715)
*/
alert BIGIP_TMM_TMMERR_INETPORT_EXHAUSTION {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.76";
}
/*
* from gtmd (CR69703, 69704)
*/
alert BIGIP_GTMD_BOX_SNMP_STATUS_CHANGE_X "SNMP_TRAP: Box .*? state change .*? --> green" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.77";
}
alert BIGIP_GTMD_BOX_SNMP_STATUS_CHANGE_WHY_X "SNMP_TRAP: Box .*? state change .*? --> red"{
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.78";
}
/*
* from gtmd/big3d (CR87209)
*/
alert BIGIP_GTMD_GTMD_SSL_CERT_EXPIRED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.81";
}
alert BIGIP_GTMD_GTMD_SSL_CERT_WILL_EXPIRE {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.82";
}
alert BIGIP_BIG3D_BIG3D_SSL_CERT_EXPIRED {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.83";
}
alert BIGIP_BIG3D_BIG3D_SSL_CERT_WILL_EXPIRE {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.84";
}
/*********************************************************************/
/* ADD any new alerts above this section */
/*********************************************************************/
/*
* trap according to log level (CR38231)
* #define LOG_EMERG 0 // system is unusable
* #define LOG_ALERT 1 // action must be taken immediately
* #define LOG_CRIT 2 // critical conditions
* #define LOG_ERR 3 // error conditions
* #define LOG_WARNING 4 // warning conditions
* #define LOG_NOTICE 5 // normal but significant condition
* #define LOG_INFO 6 // informational
* #define LOG_DEBUG 7 // debug-level messages
*/
alert BIGIP_LOG_EMERG "^[0-9]{8}:0: (.*)" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.29"
}
alert BIGIP_LOG_ALERT "^[0-9]{8}:1: (.*)" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.30"
}
alert BIGIP_LOG_CRIT "^[0-9]{8}:2: (.*)" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.31"
}
/* we not alert those two until we make sure the log level for
each message is accurate.
alert BIGIP_LOG_ERR "^[0-9]{8}:3: (.*)" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.32"
}
alert BIGIP_LOG_WARNING "^[0-9]{8}:4: (.*)" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.33"
}
*/
/* Don't add new alerts after here.
ADD any new alerts above this section
*/
文章评论