In a ruleset, $1 as defined in trapd.conf, becomes $NVATTR_1 . So I am as
puzzled by what you say as you are.
If you want to be sure of what's in the trap, then you could use xnmtrap to
modify this trap's log statement by having it say "$*", then when the next one
comes in, trapd will display all the variables, so you can be sure what you are
getting.
James Shanks
Tivoli (NetView for UNIX) L3 Support
Howard Allison <howard@HOWARD-ALLISON.COM> on 10/05/99 05:50:11 AM
Please respond to Discussion of IBM NetView and POLYCENTER Manager on NetView
<NV-L@UCSBVM.UCSB.EDU>
To: NV-L@UCSBVM.UCSB.EDU
cc: (bcc: James Shanks/Tivoli Systems)
Subject: Authentication Variables
Hi, I'm trying to write a ruleset to check thresholds on Cisco
Authentication traps. To test it, I'm writing a log file after the threshold
criteria has been met. I can get source, time etc from the $NVA, NVATTR_x
variables, no problem... but I can't get the guilty party in any variable.
The trap is defined as :
Cisco Incorrect Community Name (authenticationFailure Trap) authAddr: $1
But I can't extract the '$1' from the trap. What am I doing wrong?
mfg,
Howard Allison
Softcom Consulting GmbH
A - 1120 Wien
Rosasgasse 29
Tel. (43 1) 815 7930
Fax. (43 1) 815 79 3022
howard@howard-allison.com
|