nv-l
[Top] [All Lists]

RE: [NV-L] Best method to filter traps from specific IP addresses in rul

To: "Tivoli NetView Discussions" <nv-l@lists.ca.ibm.com>
Subject: RE: [NV-L] Best method to filter traps from specific IP addresses in ruleset
From: "Evans, Bill" <Bill.Evans@hq.doe.gov>
Date: Tue, 21 Nov 2006 17:13:22 -0500
Delivery-date: Tue, 21 Nov 2006 22:30:56 +0000
Envelope-to: nv-l-archive@lists.skills-1st.co.uk
List-help: <mailto:nv-l-request@lists.ca.ibm.com?subject=help>
List-id: Tivoli NetView Discussions <nv-l.lists.ca.ibm.com>
List-post: <mailto:nv-l@lists.ca.ibm.com>
List-subscribe: <http://lists.ca.ibm.com/mailman/listinfo/nv-l>, <mailto:nv-l-request@lists.ca.ibm.com?subject=subscribe>
List-unsubscribe: <http://lists.ca.ibm.com/mailman/listinfo/nv-l>, <mailto:nv-l-request@lists.ca.ibm.com?subject=unsubscribe>
Reply-to: Tivoli NetView Discussions <nv-l@lists.ca.ibm.com>
Sender: nv-l-bounces@lists.ca.ibm.com
Thread-index: AccNlCPxAVcQi9TKTpWz++rNt8cPvwAFIL/AAARVpuA=
Thread-topic: [NV-L] Best method to filter traps from specific IP addresses in ruleset
Well I messed that one up.   Here's a corrected one.  
=======================

I'd use a QUERY DATABASE for a variable set to identify those four nodes. I 
think it's one of the less expensive functions. 

You have to identify the capability isOneOfFour to the system so it will exist 
in the dataabase. 

Edit /usr/OV/fields/C/ovw_fields and add the following 
        /*      Comments        */
        Field “isOneOfFour” {
                Type    Boolean;
                        Flags   capability;
        }       

Run ovw_fields to get it into the database structure. 

Then you have to set that capability for each of your devices:
         
        #!/bin/ksh
        echo "IP Hostname,isOneOfFour" >/tmp/temp.import        
        for Item in "One.local.node Two.local.node Three.local.node 
Four.local.node" 
           do
            echo "${Item},TRUE"  >>/tmp/temp.import
            done
        /usr/OV/bin/nvdbimport -f /tmp/temp.import 

Test for the "isOneOfFOur=TRUE" capability in your rule. 
  
We used to teach this in the "NetView for Unix for Administrators" course back 
in Version 4 and 5 timeframe.  

Bill Evans
Tivoli NetView support for DOE

-----Original Message-----
From: nv-l-bounces@lists.ca.ibm.com [mailto:nv-l-bounces@lists.ca.ibm.com] On 
Behalf Of Van Order, Drew (US - Hermitage) Sent:I think the Query Database is 
one of the less expensive functions. Tuesday, November 21, 2006 12:41 PM
To: Tivoli NetView Discussions
Subject: [NV-L] Best method to filter traps from specific IP addresses in 
ruleset

Hi everyone,

Our customer has been receiving Peribit traps for a few weeks. It currently 
looks like this in the ruleset:


Trap Settings node for Peribit trap Enterprise ID (all traps
highlighted) ----> Forward to TEC



Customer has requested that for just one of the traps, we only forward if it 
comes from 4 IP addresses, otherwise drop. I figure I will deselect this trap 
from the current Trap Settings node, then add a second Peribit Trap Settings 
node with just the one trap highlighted.
It's after this step that I am wondering what will be most efficient.

I know I can create a SmartSet with just these 4 IP addresses, but understand 
SmartSet queries in rulesets are very expensive, and I don't want to compromise 
performance since this is also our TEC_ITS ruleset.
Is there a better way to do this w/o Smart Set query? I don't want to create a 
TEC rule for this, I think it's smarter to do it closest to the trap source.

Thanks!---Drew

Drew Van Order
Information Technology Services
Deloitte Services LP
Tel: +1 615 882 7836
www.deloitte.com


This message (including any attachments) contains confidential information 
intended for a specific individual and purpose, and is protected by law.  If 
you are not the intended recipient, you should delete this message.


Any disclosure, copying, or distribution of this message, or the taking of any 
action based on it, is strictly prohibited. [v.E.1]

--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.430 / Virus Database: 268.14.12/544 - Release Date: 11/21/2006 
4:59 PM

 



--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.430 / Virus Database: 268.14.12/544 - Release Date: 11/21/2006 
4:59 PM
 


_______________________________________________
NV-L mailing list
NV-L@lists.ca.ibm.com
Unsubscribe:NV-L-leave@lists.ca.ibm.com
http://lists.ca.ibm.com/mailman/listinfo/nv-l (Browser access limited to 
internal IBM'ers only)


-- 
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.430 / Virus Database: 268.14.12/544 - Release Date: 11/21/2006 
4:59 PM
 

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.430 / Virus Database: 268.14.12/544 - Release Date: 11/21/2006 
4:59 PM
 


_______________________________________________
NV-L mailing list
NV-L@lists.ca.ibm.com
Unsubscribe:NV-L-leave@lists.ca.ibm.com
http://lists.ca.ibm.com/mailman/listinfo/nv-l (Browser access limited to 
internal IBM'ers only)

<Prev in Thread] Current Thread [Next in Thread>

Archive operated by Skills 1st Ltd

See also: The NetView Web