Netcool object server collects the data from different probes and displays to console.Probes connect to an event source, detect and acquire event data, and forward the data to the ObjectServer as alerts. Probes use the logic specified in a rules file
There are different netcool probes. Netcool creates specific vendor probes.
e.g., Patrol, Sitescope, NNM, CICSO CTM etc.
Common Netcool probes are Syslog, TrapD probes.
How does the Syslog Probe works ?
Syslog is a logging mechanism implemented on UNIX platforms and does not require any special hardware. The probe logs messages in an appropriate system log and writes it to the system console, forwards it to a list of users, or forwards it to another UNIX host over the network.
The Syslog Probe acquires event data from syslogd, the UNIX system message logger, by reading from a log file or a named pipe (FIFO) into which syslogd has been configured to write its messages.
How does the TrapD Probe Work ?
The Multi-Thread Trapd Probe has the following features:
· Handles a high volume and high rate of traps
· Receives traps independently of trap processing using an internal queue mechanism
· Probe handles high trap rates and high burst rates using two buffers: one buffer for all of the sockets that the probe monitors, and an internal queue between the reader and writer sides of the probe
· Supports SNMP V1 traps, V2c traps, and V3 traps
· Supports SNMP V2 traps and V3 informs
· Uses a USM-based V3 security model
The Multi-Thread Trapd Probe is a direct SNMP monitoring probe. The probe acquires event data by acting as a trap daemon and monitoring SNMP traps and events on both UDP and TCP sockets.
For more information on probes please login to http://www.ibm.com
No comments:
Post a Comment