How can I trace SNMP traffic being sent to the Directory?
search cancel

How can I trace SNMP traffic being sent to the Directory?

book

Article ID: 54447

calendar_today

Updated On:

Products

CA Directory CA Security Command Center CA Data Protection (DataMinder) CA User Activity Reporting

Issue/Introduction

Description:

This document details the steps required to trace a CA Directory DSA and observe the SNMP traffic being received and the DSA's responses.

Solution:

If you need to see the SNMP traffic being received by a DSA, or the SNMP responses that are being generated by a DSA, normal debug level tracing (set trace=all) will not capture the SNMP traffic. What you will need to do is to configure a different debug trace level on the DSA receiving the SNMP traffic by following the steps below:

  1. Connect to the DSA's console port, on the Directory server in question, type the following command from a command shell:

    telnet localhost <console port>

    If required, type in your DSA's console password.

  2. Once connected, you will see the following prompt:

    Welcome to the DSA Management Console
    dsa>

  3. At the DSA's prompt, type in the following command:

    dsa> set trace=stack;

    This will begin tracing the network level data that is being both received and sent by the DSA.

  4. Using your SNMP application, poll the DSA. The resulting output will be similar to the following output:

    comms_read 0
    udp_ind(0, 0x14ddc10, 161)
    Get request received 13318
    mib_get: index 0, inst -1 -1
    GET Attribute: sysDescr
    mib_get: index 1, inst -1 -1
    GET Attribute: sysObjectID
    mib_get: index 2, inst -1 -1
    GET Attribute: sysUpTime
    mib_get: index 3, inst -1 -1
    GET Attribute: sysContact
    mib_get: index 4, inst -1 -1
    GET Attribute: sysName
    mib_get: index 5, inst -1 -1
    GET Attribute: sysLocation
    mib_get: index 6, inst -1 -1
    GET Attribute: sysServices
    get_response(0x1238184, 2, 8, 20): 0
    address aaa.bbb.ccc.ddd:2642
    send_udp
    comms_send_udp 0 --> aaa.bbb.ccc.ddd:2642
    idx_from_fd(280) = 0
    comms_read 0
    udp_ind(0, 0x14e6cc8, 161)
    Get request received 13319
    mib_get: index 0, inst -1 -1
    GET Attribute: sysDescr
    mib_get: index 1, inst -1 -1
    GET Attribute: sysObjectID
    mib_get: index 2, inst -1 -1
    GET Attribute: sysUpTime
    mib_get: index 3, inst -1 -1
    GET Attribute: sysContact

  5. Once you have finished tracing the SNMP traffic, reset your trace level back to what is was originally by typing (for example the trace level before was "error"):

    set trace=error;

Environment

Release:
Component: ETRDIR
Powered by Wolken Software