DH> I'd like to trigger an alarm if a process was fixed (started when not DH> found). Is there a clean way to do that?
You're already half way there. You're using disman to monitor and trigger the fix command. Just add a little more config to send a trap as well. See the active monitoring section of the snmpd.conf man page. DH> Does snmpd already have an open channel to snmptrapd? There is no channel. snmpd uses trapsinks defined in the conf file to decide where to send traps, which may or not be local. DH> At a minimum, if I log the fact a process was DH> restarted, I can then trigger my log analyzer to send an alarm. Try running snmpd with -Ddisman,mte and kill a monitored process. Slog through the debug output and see if there is a specific debug message that you might be able to use.. disman:event:trigger:monitor and disman:event:trigger:fire look promising.. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
