Hi All,
We followed the steps mentioned in below KB article. Using the tools described we are seeing the objects using snmpWalkrun.bat and this gives data.
http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec509299.aspx
We are trying to use Splunk to monitor SNMP and splunk is capable to capture the data sent by traps. We modified the snmptrace.conf file to use splunk server. But splunk is not getting the data.
We enabled the snmp logging and we are getting smpolicysrv_snmptrap.log file getting generated. This file grows very fast but don't contain any informational data:
### SmEventRecord::Event is currently not SNMP supported : nCategoryType 6 , nCategory 22, nEventID 1 ###
### SmEventRecord::Event is currently not SNMP supported : nCategoryType 6 , nCategory 22, nEventID 1 ###
### SmEventRecord::Event is currently not SNMP supported : nCategoryType 6 , nCategory 22, nEventID 1 ###
So we are trying to identify if siteminder is sending data to splunk (any other SNMP server) or not? Is there any log file where we can see if the data is sent?
Also I would request to please update the document under:
CA SiteMinder® Integrated Documents 12.52
Policy Server Guides › Policy Server Administration Guide › Monitoring CA SiteMinder® Using SNMP › Configure the CA SiteMinder® Event Manager
SNMP Traps Not Received After Event
as the document states we we will get:
SmServAuth_snmptrap.log
SmServAz_snmptrap.log
SmServAcct_snmptrap.log
SmServAdm_snmptrap.log
I guess these were used for siteminder version 5, which use to have 4 different processes.
If we have done everything correct then we will only get 1 log file now smpolicysrv_snmptrap.log.
Please suggest.
Thank you