Why it’s needed and how it works?

Usual SNMP-Trap Receiver

usual

How in common situation SNMP-Trap processed?

Some system receives it, parse and send the message for each SNMP-Trap. It’s easy and fast. All is ok when you have not so much devices and links between its are stable. But when just one link started flapping (down and up at several times per minute) — you as well started to receive a lot of messages. And what happened when 10 links flapped?

For example, in our network when we have issues on trunk optics there was situations when my mailbox received about 100 (and even more) messages just for one problem. If the problem continues — I continue receiving all the messages. So firstly I forced to erase all the mails and then do a conclusion — what happened?

It was terrible and very uncomfortable. And It was the reason why I started working on this project. Trap Harvester.

Trap Harvester

Trap Harvester

The Trap Harvester is also trap-receiver system. But notifications in it sent by the other way.

  1. Firstly, when it receives the trap — it parses it and add to the DataBase storage.
  2. At the same time it adds trap to the notification Queue and start the Threshold timer (by default it’s 30 second).
  3. When the timer is over, the system check — is the trap last from this host?
  4. If it’s true — trap harvester grabs all unsent traps from the host, analysis it and send combined message.

So, for example, instead of receiving 8 messages you get just 2. And when 10 links flapping between 2 routers — you receive instead 80 mails — just 2! It’s fantastic. When I deployed it in our network I was shocked and very satisfied. Monitoring became a much easier and faster.

You also can try it, because it’s free and easy. Just read the fully installing manual.

Thanks for reading!