Filter SNMP traps to Ridgeline

  • 0
  • 1
  • Question
  • Updated 2 years ago
  • Answered
We use the netlogin feature all over our network. With this we get a lot of traps in Ridgeline and I'm assuming soon to be Net Sight. We don't care about these messages, because we can see the authentication failures and successes on our NPS servers. How can we filter these out on the switch side (x460 and x440)? I'm sure we can filter out on Ridgeline, but I would prefer on the switch so we would have less CPU cycles passing traffic we don't need to see.

Thanks in advance!
Photo of bw447

bw447

  • 906 Points 500 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of bw447

bw447

  • 906 Points 500 badge 2x thumb
I do see that by using the command:

configure snmpv3 add target-add param ..... tag-list

It looks like you can specify traps, but I don't know what the tag-list options are.
Does anyone have an idea?
Photo of Markus

Markus, Employee

  • 172 Points 100 badge 2x thumb

Hello.

A while ago the question, but still interesting today and for others in this community.

To filter out authentication traps on the switch (prevent from being sent) i.e. for netlogin login, logout and failures you just need to exclude the corresponding MIB OID of the trap from the defaultNotifyView or whatever mib-view name you are use.

An example:

configure snmpv3 add mib-view defaultNotifyView subtree 1.3.6.1.4.1.1916.4.3.0.4 type excluded
configure snmpv3 add mib-view defaultNotifyView subtree 1.3.6.1.4.1.1916.4.3.0.5 type excluded
configure snmpv3 add mib-view defaultNotifyView subtree 1.3.6.1.4.1.1916.4.3.0.6 type excluded

Hope this helps a lot of people in this case.

Kind regards,

Markus