How can I configure a SNMP trap in RSA authentication manager to give us alerts for the replication status? it would be helpful if we get notified whenever one of the instances (primary or replica) has replication error e.g. out of sync or internal replication error. what is the OID we could and what value would it give us?
Replication problems can trap an error, but better, is a pollable OID:
For traps make sure Send traps for System Log events is selected on the SNMP setup page in Security Console
But in my opinion it is better to actively poll, and do GETS on Replication OID 1.3.6.1.4.1.2197.20.21.1.5.x
(a) on the primary, there will be an OID per instance
for primary replication status 1.3.6.1.4.1.2197.20.21.1.5.0
for replica replication status 1.3.6.1.4.1.2197.20.21.1.5.1
and similarly. 21.1.5.x for other replicas
and, a replica has it's own pollable OID's and status as well.
(b) This OID will be a STRING and will report one of several conditions:
Replication Status
ATTACHING
FAILED
OFFLINE
UNHEALTHY
HEALTHY
OUT_OF_SYNC
SYNCHRONIZING
(c) For my lab, my snmp tool only works with numbers, the string values are meaningless, so
I use a basic script to get the string into a value (for this, healthy is 4, anything else is 'not replicating')
example: replica replication status script for mrtg
#/usr/bin/bash
HOME=/root
LOGNAME=root
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
LANG=en_US.UTF-8
SHELL=/bin/sh
PWD=/root
OUTPUT2="$(/usr/bin/snmpget -v3 -l noauthnopriv -u snmpuser 10.101.99.150 1.3.6.1.4.1.2197.20.21.1.5.1)"
#echo $OUTPUT2
RESULT2="$(echo $OUTPUT2 | cut -d '"' -f2)"
#echo $RESULT2
if [ $RESULT2 == "HEALTHY" ]; then
echo "4"
elif [ $RESULT2 == "OUT_OF_SYNC" ]; then
echo "3"
elif [ $RESULT2 == "OFFLINE" ]; then
echo "2"
else echo "1"
fi
echo "0"
exit
And, using this script passing numeric values to MRTG [which is the core component of my home-spun grapher]...
I get graphs showing how replication is doing at the moment, and over time...