Not seeing traps from TrapX (SDC) landing on the Spectroserver

book

Article ID: 207721

calendar_today

Updated On:

Products

CA Spectrum

Issue/Introduction

We configured trapx on a standalone SDC install and have edited the trapx.config file. 

Traps appear in the trap logs , but not on the Spectroserver

 

 

Cause

The remote SDC is not connecting to the SpectroSERVER SDM. Here are a few things to check: 

Environment

Release : 20.2

Component : Spectrum Core / SpectroSERVER

Resolution

1. Verify the trapx sdc.config and SS  sdm.config are shown as follows, respectively: 

-accept <sdm_ip>

-trapx -remoteconnect <trapx_ip>

 

2. If TrapX is installed on the same VM as the SpectroSERVER (although not recommended), note that the SS is already configured to accept traps on Port 162. Thus, either the SS or the TrapX port must be changed, to avoid a port conflict. 

SS trap port is changed in <SPECROOT>/SS/.vnmrc

TrapX port is changed in <SDC_INSTALL>/SDMConnector/bin/sdc.rc

3. Restart the services:

- restart TrapX SdmConnector service via Task Manager (Windows) or ./bin/SdmConnectorService --restart (Linux)

- reload sdm.config on SS by re-import via OneClick > SDM Manager:

 

LOGS: 

View the logs to confirm the "keepalive" messages on both ends are successful. If needed, you can append the sdc.config and sdm.config files with "-loglevel debug" to enable Debugging. 

You can verify traps are received on TrapX server with tcpdump/wireshark capture. You can then tail the TrapX SDC log to confirm traps are being processed. 

TrapX: <SDC_INSTALL>/SDMConnector/bin/sdmLog.log

SDM: <SPECROOT>/SDM/sdmLog.log

Additional Information

TrapX Config Documentation: https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/spectrum/10-4-2/managing-network/secure-domain-manager-sdm/installing-and-configuring-secure-domain-manager-processes/install-the-sdconnector-process/configure-multiple-sdc-secure-domain-connector-processes-on-a-single-server/sdc-trapx-support.html

Attachments