Unknown Alert Events are generated for traps that have been correctly mapped via the AlertMap file. When looking at the
event, it appears that Spectrum drops the last digit from the snmpTrapOID varbind.
The v2c trap did not conform to RFC standards and was not sending sysUpTime as the first varbind. This causes problems for
the SpectroSERVER when processing the incoming trap.
A Wireshark/tcpdump capture shows that the sysUpTime varbind, which should be the first varbind, is missing.
Release : 10.x
Component : Spectrum Core / SpectroSERVER
In this specific instance, the vendor Rubrik is creating a fix for the traps being sent so that they will conform to RFC standards. In other
instances, traps could be generated via a script using snmptrap, and in these cases the command being run would need to be updated
to include sysUpTime.
When testing by recreating the trap manually using snmptrap on Linux, we were able to see the trap successfully processed when
sysUpTime was included (the empty '' argument tells snmptrap to send the current uptime).
snmptrap -v 2c -c TestRO 10.10.10.100:162 '' 1.3.6.1.4.1.49929.4.1 1.3.6.1.4.1.49929.8.1 s "Failed on demand backup of Microsoft SQL Server Database" 1.3.6.1.6.3.18.1.3.0 a 10.84.200.29
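To check a captured trap for this condition without reading the capture by eye, the following added example (not Spectrum or vendor code) parses the UDP payload of an SNMPv2c trap and verifies that the first two varbinds are sysUpTime.0 and snmpTrapOID.0, the order RFC 3416 requires. The two sample packets are constructed for illustration, with an assumed community string of "public".

```python
SYS_UPTIME = "1.3.6.1.2.1.1.3.0"          # sysUpTime.0, must be varbind 1
SNMP_TRAP_OID = "1.3.6.1.6.3.1.1.4.1.0"   # snmpTrapOID.0, must be varbind 2

def tlv(buf, pos):                         # read one BER element -> (tag, value, next_pos)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low bits count the length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def oid(value):                            # BER OID content octets -> dotted string
    arcs, acc = [], 0
    for b in value:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                   # high bit clear ends one sub-identifier
            arcs, acc = arcs + [acc], 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def varbind_oids(packet):
    """Return the varbind names of an SNMPv2c trap, in wire order."""
    _, msg, _ = tlv(packet, 0)             # outer SEQUENCE
    _, version, p = tlv(msg, 0)
    _, _community, p = tlv(msg, p)
    tag, pdu, _ = tlv(msg, p)
    if version != b"\x01" or tag != 0xA7:  # version 1 = v2c, 0xA7 = SNMPv2-Trap-PDU
        raise ValueError("not an SNMPv2c trap")
    p = 0
    for _ in range(4):                     # request-id, error-status, error-index, varbind list
        _, vbl, p = tlv(pdu, p)
    names, p = [], 0
    while p < len(vbl):
        _, vb, p = tlv(vbl, p)
        names.append(oid(tlv(vb, 0)[1]))
    return names

def check(packet):
    """List varbind-order problems; an empty list means the trap conforms."""
    wanted = (("first", SYS_UPTIME), ("second", SNMP_TRAP_OID))
    return [f"{pos} varbind is {got or 'missing'}, expected {want}"
            for (pos, want), got in zip(wanted, varbind_oids(packet)[:2] + [None] * 2) if got != want]

# Constructed samples (not captured traffic); trap OID value is under enterprise 49929.
TRAP_VB = "3018060a2b060106030101040100060a2b060104018386090401"
NO_UPTIME = bytes.fromhex("303202010104067075626c6963a725020101020100020100301a" + TRAP_VB)
WITH_UPTIME = bytes.fromhex("304102010104067075626c6963a7340201010201000201003029"
                            "300d06082b06010201010300430100" + TRAP_VB)
```

check(NO_UPTIME) reports both positions as wrong, while check(WITH_UPTIME) returns an empty list. For real traffic, pass the UDP payload bytes extracted from the capture.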