This chapter describes how you can manage runtime alarms raised in Oracle Communications Evolved Communications Application Server (OCECAS) by using the Simple Network Management Protocol (SNMP) service.
Session Design Center generates alarms during runtime processing for the following SNMP severity levels:
Fatal
Critical
Warning
Advisory
Informational
Clear.
These alarms are converted to SNMP Traps and sent to a trap management application. The Oracle solution for SNMP Trap Management is Oracle Enterprise Manager. OCECAS and Oracle Enterprise Manager support SNMP v3 (RFC 3411).
Standard SNMP trap managers can process the SNMP traps that OCECAS generates. For more information, see "How Enterprise Manager Supports SNMP" in Enterprise Manager Cloud Control Administrator's Guide.
You configure the options for OCECAS alarms through the Evolved Communications node in the Administration Console for the OCECAS runtime domains in your installation.
Caution:
Configure the alarms using the OCECAS Administration Console only.Changes that you make to alarms using any other method are temporary only. They are lost/overwritten as they are not visible in the Weblogic Administration Console.
Table 6-1 lists the general settings to configure alarms.
Table 6-1 General Settings for Alarms
Configuration Entry | Description |
---|---|
Store Alarms |
Select this check box to store alarms received inside the platform. |
Maximum Alarms Stored |
The maximum number of alarms to store. The default is 0. |
Trap Generation Interval |
Specify (in milliseconds) the frequency to generate SNMP traps after receiving alarms. The default frequency is 0 milliseconds, causing OCECAS to generate traps immediately after receiving an alarm. |
Trap OID Prefix |
Provide the trap object identifier prefix. |
Trap Destination Address |
Enter the destination address to which an SNMP trap is sent. It can be a host name, an IPv4, or an IPv6 address. IPv6 addresses are wrapped using '[]', for instance: [::1]. |
Trap Destination Port |
Specify the port of the destination to which an SNMP trap is sent. The default port 162. |
Trap Timeout |
Provide the timeout (in milliseconds) when sending traps. The default timeout value is 3000 milliseconds. |
Trap Retries |
Specify the number of times to attempt to send a trap when there is a failure in sending a trap. Default value 2. |
Table 6-2 lists the advanced settings to configure alarms.
Table 6-2 Advanced Settings for Alarms
Configuration Entry | Description |
---|---|
Security Level |
Select the security level for the runtime OCECAS Domain. The possible settings are:
If you plan to use a setting other than NOAUTH_NOPRIV for the security level parameter, see "Providing Custom Security Settings". |
Security Username |
Enter the authorised user name on the SNMP manager/receiver. |
Authorization Resource ID |
This entry is required to retrieve the remote user authorization password. |
Privacy Resource ID |
This entry is required to retrieve the remote user privacy password. |
Authentication Protocol |
Select the authentication protocol from the list. The selections are:
|
Privacy Protocol |
Select the privacy protocol from the list. The selections are:
|
Security Model |
The version of the User-based Security Model (USM) for Simple Network Management Protocol (SNMP). The current version is 3. |
Configure the alarms by doing the following:
Access the Administration Console for the domain.
Select Evolved Communications in the Domain Structure pane.
Select the Alarms configuration tab.
Configure the entries displayed in the top section of the page. For a description of the fields, see Table 6-1.
Configure the entries displayed in the Advanced section of the page. For a description of the fields, see Table 6-2.
Click Save.
OCECAS uses the SNMP4J library and the Java Management Extensions (JMX) Bean to help in the generation of SNMP traps. The SNMP traps use an application-specific object ID (OID).
You configure the OID through the WebLogic Administration Console. The OID should match the OID specified in the MIB file shipped with the OCECAS software.
If the SNMP trap manager or SNMP trap receiver in your installation does not use NOAUTH_NOPRIV, configure the required parameters for secure access. Each of the runtime domains (testing, staging, and production domains) must be configured and secured.
If the security level is not NOAUTH_NOPRIV, ensure that the trap client or trap generator you employ provides the required security. Wrap the password in the user-based security model (USM) for SNMP, version 3. For information about user-based security model (USM) for SNMP, version 3, see RFC3411 at http://tools.ietf.org/html/rfc3411
.
Complete the following steps for each runtime domain:
Create a new credential mapping for the domain. See "Creating New Credential Mappings".
Configure the alarms with the retrieved the resource IDs. See "Configuring the Alarms with the Resource IDs".
Create a new credential security mapping by doing the following:
Creating a New Credential Mapping Entry
Access the Administration Console for the runtime domain.
In the Domain Structure panel, select Security Realms. The Access Summary of Security realms page appears.
In the Realms table, click on the myrealm entry. The Settings for myrealm page is displayed.
Click on the Credential Mapping tab. The Default Credential Mappings table lists the user password credential mappings configured for this realm using Remote Resources.
Click New.
The Creating the Remote Resource for the Security Credential Mapping page appears.
Creating the Remote Resource for the Security Credential Mapping
If you are not using the cross-domain protocol to create a credential mapping for a remote domain user, complete this set of steps:
Make sure that the Use cross-domain protocol attribute is disabled.
Enter information about the remote resource to be accessed using this credential mapping. This information is used to identify the remote resource.
In the Protocol field, enter the protocol to use to reach the remote resource.
If the remote resource is identified by a host name and port:
In the Remote Host field, enter the host name of the remote resource.
In the Remote Port field, enter the port number of the remote resource.
If the remote resource is identified by a path:
In the Path field, enter the path to the remote resource.
In the Method field, enter the method on the remote resource with which this credential is used.
Click Next.
The Create a New Security Credential Map Entry page appears.
In the Local User field, enter the name of the local user that you are mapping from.
This is the WebLogic user name that will be the initiator when you want to access the remote resource using this credential mapping.
In the Remote User, enter the name of the remote user that you are mapping to.
This is the user name that is authorized to access the resource using this credential mapping.
In the Remote Password field, remote password required by the remote resource for the remote user you specified above.
In the Confirm Password field, re-enter the password.
Click Finish.
Complete this step for cross-domain security:
Create a user name and password-based credential mapping for cross-domain security:
Select the Use cross-domain protocol.
In the Remote Domain field, enter the name of the remote domain that needs to interact with the local domain.
Click Next.
The Create a New Security Credential Map Entry page appears.
In the Local User field, enter the string cross-domain.
In the Remote User, enter the user name configured in the remote domain that is authorized to interact with the local domain.
In the Remote Password field, enter the password for the remote user.
In the Confirm Password field, re-enter the password.
Click Finish.
After you create the credential mappings, you will see the resource identifiers in the resource mapping records on the Credential Mappings tab. Note down the resource IDs from the resource mapping records on the Credential Mappings tab.
Next, configure the alarms by doing the following:
Access the Administration Console for the domain.
Select Evolved Communications in the Domain Structure pane.
Select the Alarms configuration tab.
Verify that the entries displayed in the top section of the page are configured. For a description of the fields, see Table 6-1.
Configure the entries displayed in the Advanced section of the page. For a description of the fields, see Table 6-2.
Note:
Input the resource IDs retrieved from the Credential Mapping. For example:type=<remote>, protocol=SNMP, remoteHost=localhost, remotePort=162, method=auth