SNMP Notification Logs Overview

This feature offers users, or a management station, the ability to define multiple SNMP notification logs that keep track of the SNMP notifications (either an SNMP trap, or an SNMP inform) sent by the NE to management stations. A notification log has a name and a notification filter profile associated with it. The name is used to uniquely identify the log, and the filter profile defines which notifications generated by the NE are added to the log, and which notifications are not.

A log is also associated with the security credentials (SNMP user name, SNMP security model, and SNMP security level) that are used to create the log. Notifications that are added to a log are restricted to the notifications that can be accessed using these security credentials. You can also create a default log (a null-named log). The default log does not have security credentials associated with it, so it does not implement any access checks.

A notification log is limited in the number of notifications that it can store by a global entry limit, and a log entry limit, both of which can be changed. The global entry limit specifies the number of notifications that are present in all logs combined, while the log entry limit specifies the number of entries that are present for a specific log. You can also let the system manage the log entry limit, in which case the log can use all available free space within the limit specified by the global entry limit.

You can also enable aging of log entries by configuring an age-out period for them. When enabled, log entries that are older than the specified period are removed from the log.

The information stored in a log for each notification entry includes the following:

After the SNMP agent is restarted, the value of system up time when the notification was generated is reset to 0 for all entries that are present in the log. This serves as an indication to log viewers that the SNMP agent restarted.

Enabling and Disabling SNMP Notification Logs

To enable SNMP notification logging, create an entry in nlmConfigLogTable. After you create an entry, you can control the administrative status of the entry through both nlmConfigLogAdminStatus and nlmConfigLogEntryStatus MIB objects. You can view the operational status of the log using the nlmConfigLogOperStatus MIB object. You must associate an existing filter profile with the log for it to become operational.

Log Size Limits

You can set the maximum number of notification that can be logged at both the system level, and the individual log level. These limits are controlled through the nlmConfigGlobalEntryLimit and nlmConfigLogEntryLimit MIB objects, respectively. The sum of the values of nlmConfigLogEntryLimit for all entries cannot exceed nlmConfigGlobalEntryLimit.

If you try to set the value of nlmConfigLogEntryLimit so the sum of the values of nlmConfigLogEntryLimit for all entries exceeds the nlmConfigGlobalEntryLimit, the set operation is rejected. Similarly if you try to reduce the value of nlmConfigGlobalEntryLimit so that sum of the values of the nlmConfigLogEntryLimit for all entries exceeds the new value for nlmConfigGlobalEntryLimit, the operation is rejected. You can also set the nlmConfigLogEntryLimit to 0 (system-managed). If the entry limit for a log is set to 0, the log can use all available free space within the limit specified by nlmConfigGlobalEntryLimit.

Aging

You can specify an age limit in minutes for notifications in the log through the nlmConfigGlobalAgeOut MIB object. When a notification entry grows older than the specified age limit, the notification entry is deleted. You can disable aging of log entries by setting the value of this object to 0.

Access Control

When a named log is enabled moving the nlmConfigLogEntryStatus object of the log to the active state, the NE associates the security credentials used to perform that operation with the log. A notification may be added to the log only if the notification and the var-binds in the notification can be accessed using these security credentials. Access control does not apply to the default log (null-named log). The default log is not associated with any security credentials, so notifications are added to the default log without any access control restrictions.