Configuration Examples
The following sections provide various examples of the SNMP Notification Log feature.
Log all notifications
The following example illustrates how to log all notifications sent by a switch, and retain them for as long as possible. However, to reduce memory usage, you might want to limit the number of notifications in all logs to 5000 entries:
configure snmp notification-log global-entry-limit 5000
Disable aging of notification entries.
configure snmp notification-log global-age-out none
Create the default log. Because you want to log all notifications, the default log can be used instead of a named log, because it does not impose any security checks.
configure snmp add notification-log default
Create a filter that accepts all notifications.
configure snmpv3 add filter "all" subtree 1 type included
Attach the filter to the log.
configure snmp notification-log "default" filter-profile-name "all"
View the configuration, status and entries of the default log.
show snmp notification-log "default"
View entry number 1 of the default log in detail.
show snmp notification-log "default" entry 1
Log all notifications using security
The following example illustrates how to log all notifications that are visible to the SNMP user “monitor” when using the security mode ‘USM‘, and the security level ‘privacy‘.
Create the log and associate it with the security credentials of the user “monitor”.
configure snmp add notification-log "monitor-log" user "monitor" sec-model usm sec-level priv
Create a filter including only all traps.
configure snmpv3 add filter "all" subtree 1 type included
Attach the filter to the log.
configure snmp notification-log "monitor-log" filter-profile-name "all"
View the configuration, status and entries of “monitor-log”.
show snmp notification-log "monitor-log"
View entry number 1 of “monitor-log” log in detail.
show snmp notification-log "monitor-log" entry 1
NMS logs all link status change notifications
The following example illustrates the configuration for when an NMS wants to log all link status change notifications. The NMS queries the log every hour, and wants to age out the log entries every two hours. Additionally, to ensure that link status events are not replaced by other events, the NMS wants to reserve 1000 entries for this log.
- Create a notification filter profile including both linkUp and linkDown
OIDs.
snmpNotifyFilterMask.11."link-status".1.3.6.1.6.3.1.1.5.3 = ''H snmpNotifyFilterType.11."link-status".1.3.6.1.6.3.1.1.5.3 = include snmpNotifyFilterStorageType.11."link-status".1.3.6.1.6.3.1.1.5.3 = nonVolatile snmpNotifyFilterRowStatus.11."link-status".1.3.6.1.6.3.1.1.5.3 = createAndGo snmpNotifyFilterMask.11."link-status".1.3.6.1.6.3.1.1.5.4 = ''H snmpNotifyFilterType.11."link-status".1.3.6.1.6.3.1.1.5.4 = include snmpNotifyFilterStorageType.11."link-status".1.3.6.1.6.3.1.1.5.4 = nonVolatile snmpNotifyFilterRowStatus.11."link-status".1.3.6.1.6.3.1.1.5.4 = createAndGo
- Create a named log for link status notifications, attach the profile
created above, and set its entry limit to 1000. The SNMP operation of creating this entry must
be performed using security credentials that have access to the linkUp and linkDown
notifications.
nlmConfigLogFilterName.5."links" = "link-status" nlmConfigLogEntryLimit.5."links" = 1000 nlmConfigLogAdminStatus.5."links" = enabled nlmConfigLogStorageType.5."links" = nonVolatile nlmConfigLogEntryStatus.5."links" = createAndGo
- Set the global age-out to 120
minutes.
nlmConfigGlobalAgeOut.0 = 120
- To view the log contents, the NMS must query nlmLogTable and nlmLogVariableTable.