IBM Support

Adding the SNMP_WATCH features to the NcKL snmptrap.rules file

Question & Answer


Question

What is required to ensure the NcKL snmptrap.rules work with the SNMP_WATCH feature?

Cause

The two mttrapd probe rules files need to be integrated in to the NcKL snmptrap.rules to use the SNMP_WATCH features.
mttrapd.snmpwatch.rules
mttrapd.bidir.rules

Answer

The SNMP_WATCH features require the rules file logic from the mttrapd.rules file provided with the MTTrapd probe.
These rules files can be included into the NcKL snmptrap.rules rules file logic, along with the required arrays.
An example set of modified rules files is provided as an illustration.
The SNMP_WATCH feature requires the object server to be running under process control, and the MTTrapd probe to have the command line interface enabled.
Example steps to configure a Netcool Knowledge Library object server probe.
Installing the Netcool Knowledge Library.
 ~/IBM/InstallationManager/eclipse/tools/imcl listAvailablePackages -repositories ./NcKL_4.8.zip

com.ibm.tivoli.nckl_4.8.7
 ~/IBM/InstallationManager/eclipse/tools/imcl -c install com.ibm.tivoli.nckl -repositories ./NcKL_4.8.zip

Installation directory: /opt/IBM/tivoli/NcKL48

Preparing the object server.
For the NcKL advanced correlation rules.
cd $NC_RULES_HOME/..
cat advcorr.sql | nco_sql -server <NCOMS> -user root -password ''
For the Aggregation layer object server.
cd $NCHOME/omnibus/extensions/multitier/objectserver
cat aggregation.sql | nco_sql -server <NCOMS> -user root -password ''
For the SNMP_WATCH features.
cd $NCHOME/omnibus/probes/linux2x86
cat mttrapd_create_SnmpActionTools.sql | nco_sql -server <NCOMS> -user root -password ''
Object Server external actions.
The object server that runs the SNMP_WATCH triggers needs to be run under process control.
With external actions configured.

File : $NCHOME/omnibus/etc/nco_pa.conf
Command '$OMNIHOME/bin/nco_objserv -name NCKL -pa NCKL_PA' run as 'nrv81'

nco_pa_status -server NCKL_PA
Login Password:
--------------------------------------------------------------------------------------
Service Name         Process Name         Hostname   User        Status           PID
--------------------------------------------------------------------------------------
Core                 NCKL                 localhost  nrv81      RUNNING         4016
--------------------------------------------------------------------------------------
The mttrapd_Nhttp_SnmpActions.pl perl script need to be runable on the object server running the triggers and external procedure.
The SNMP WATCH triggers and procedures require the perl script provided with the MTTrapd probe to connect to the probes command line interface.
mttrapd_Nhttp_SnmpActions.pl
Installing the MTTrapd probe on the Aggregation layer object servers is one way to ensure the SQL and perl files are available.
Configure the NcKL snmptrap.rules  for use with the SNMP_WATCH features.

Copy the default NcKL snmptrap.rules to a new file, snmpwatch_snmptrap.rules.

cp snmptrap.rules snmpwatch_snmptrap.rules

Edit the new file snmptrap.rules and add in the rules file logic from the mttrap.rules for the SNMP_WATCH events.
 249 if(match(@Manager, "ProbeWatch"))

The arrays need to be places at the top of the rules after the target definitions.
#######################################################################
# Arrays used in "mttrapd.snmpwatch.rules" file
#######################################################################
array snmp_watch_whole
array snmp_watch_payload
array watch_data_payload
With the mttrapd.bidir.rules logic added as an if-else-if to the ProbeWatch logic.
if ( (exists($snmpreq) && !match($snmpreq,"")) ||
                (exists($snmp_action) && !match($snmp_action,"")) )
{
        # Uncomment the line below to enable rules file for bi-directional
        # functionality. Specify the path of the rules file if it is not
        # in the same directory with this rules file.
        include "$NC_RULES_HOME/SNMP_WATCH/mttrapd.bidir.rules"
} else if( match( @Manager, "ProbeWatch" ) )
{
...
and the mttrapd.snmpwatch.rules added to the default: for switch(@Summary)|switch($ProbeStatus).
        default:
            if (nmatch($ProbeStatus,"SNMP_WATCH"))
            {
# Need to set @Summary back to original Summary found in $ProbeStatus
              @Summary = $ProbeStatus
              include "$NC_RULES_HOME/SNMP_WATCH/mttrapd.snmpwatch.rules"
              $use_default_summary=0
            }
            else
            {
              @Severity = 2
              @Type = 1
            }

Copy the newly included rules to the SNMP_WATCH directory.
mkdir SNMP_WATCH
cd SNMP_WATCH
cp $NCHOME/omnibus/probes/linux2x86/mttrapd.snmpwatch.rules .
cp $NCHOME/omnibus/probes/linux2x86/mttrapd.bidir.rules .
Check the rules are working by using the MTTrapd probe or syntax probe.
To test the rules files work the traps from the FAQ 'Checking SNMP trap reception for the MTTrapd probe' can be used.
Comment
The mttrapd_triggers trigger group is disabled by default.
To enable the mttrapd_triggerstrigger group, use the following SQL on each object server where the mttrapd_create_SnmpActionTools.sql tools were installed.
alter trigger group mttrapd_triggers set enabled true;
go

Example set of NcKL rules files.

[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSSHTQ","label":"Tivoli Netcool\/OMNIbus"},"ARM Category":[{"code":"a8m500000008a6IAAQ","label":"Probes-\u003ERules File-\u003EKnowledge Library NcKL"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
12 August 2025

UID

ibm17159932

Page Feedback