Sophie

Sophie

distrib > Mandriva > 2010.2 > i586 > media > contrib-release-src > by-pkgid > f419db9e0a33558a981504f72042bf17 > files > 11

sec-2.5.3-1mdv2010.1.src.rpm

################################################################
#          Sample SEC ruleset for HP OpenView ITO
################################################################

# process Cisco linkDown/linkUp trap events received from 
# HP OpenView ITO trap template through itostream plugin
# Submitted by Risto Vaarandi

type=PairWithWindow
ptype=RegExp
pattern=node=(\S+).*msg_text=cisco linkdown trap on interface (\S+)
desc=CISCO $1 INTERFACE $2 DOWN
action=event %s; 
continue2=TakeNext
ptype2=RegExp
pattern2=node=$1.*msg_text=cisco linkup trap on interface $2
desc2=CISCO %1 INTERFACE %2 BOUNCE
action2=event %s; 
window=20

type=SingleWithSuppress
continue=TakeNext
ptype=RegExp
pattern=CISCO (\S+) INTERFACE (\S+) DOWN
desc=cisco $1 interface $2 down
action=reset +1 %s
window=60

type=Pair
ptype=RegExp
pattern=CISCO (\S+) INTERFACE (\S+) DOWN
desc=cisco $1 interface $2 down
action=shellcmd /home/opc_op/cisco_msg.sh $1 $2 major down
ptype2=RegExp
pattern2=node=$1.*msg_text=cisco linkup trap on interface $2
desc2=cisco %1 interface %2 up
action2=shellcmd /home/opc_op/cisco_msg.sh %1 %2 normal up
window=86400

type=SingleWith2Thresholds
ptype=RegExp
pattern=CISCO (\S+) INTERFACE (\S+) BOUNCE
desc=cisco $1 interface $2 is unstable
action=shellcmd /home/opc_op/cisco_msg.sh $1 $2 major unstable
window=3600
thresh=10
desc2=cisco $1 interface $2 is stable again
action2=shellcmd /home/opc_op/cisco_msg.sh $1 $2 normal stable
window2=10800
thresh2=0

#
# the cisco_msg.sh script:
#
##!/bin/sh
#
#NODE=$1
#IF=$2
#SEV=$3
#TEXT=$4
#
## use snmpget utility from Net-SNMP package
#IFNAME=`/usr/bin/snmpget -c public -OQv $NODE .1.3.6.1.2.1.2.2.1.2.$IF`
#DESCR=`/usr/bin/snmpget -c public -OQv $NODE .1.3.6.1.4.1.9.2.2.1.1.28.$IF`
#
#MSG=`echo "Interface $IFNAME ($DESCR) $TEXT" | sed s/\"/\'/g`
#
#/opt/OV/bin/OpC/opcmsg node=$NODE app=cisco obj=if \
#                       sev=$SEV msg_grp=Network msg_text="$MSG"
#


# process APC ups "not online" trap events received from 
# HP OpenView ITO trap template through itostream plugin

type=SingleWithScript
ptype=RegExp
pattern=node=(\S+).*msg_text=APC ups not online
script=/home/opc_op/check_apc.sh $1
desc=APC ups is not online!
action=shellcmd /opt/OV/bin/OpC/opcmsg node=$1 app=APC obj=state \
  msg_grp=UPS sev=critical msg_text='%s'

#
# the check_apc.sh script
#
##!/bin/sh
# 
## sleep for a few seconds and check if the UPS error is still present;
## if it is, exit with 0, otherwise exit with 1
#
#UPS=$1
#sleep 5
#
## use snmpget utility from Net-SNMP package
#STATUS=`/usr/bin/snmpget -c public -OQve $UPS .1.3.6.1.4.1.318.1.1.1.4.1.1.0`
#
## According to the APC Powernet MIB the variable .1.3.6.1.4.1.318.1.1.1.4.1.1 
## takes the the following values: unknown(1), onLine(2), onBattery(3),
## onSmartBoost(4), timedSleeping(5), softwareBypass(6), off(7), rebooting(8),
## switchedBypass(9), hardwareFailureBypass(10), sleepingUntilPowerReturn(11),
## and onSmartTrim(12), where onLine(2) is the normal state for the UPS
#
#if [ $STATUS -eq 2 ]
#then
#  exit 1
#else
#  exit 0
#fi 
#

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional