Details
-
Improvement
-
Resolution: Done
-
Major
-
None
-
Professional Edition
-
None
-
21.11.11767
Description
Hi Team,
I'm facing issue with creating custom OID alert from Pulse Secure for below.
iveTotalSignedInUsers - .1.3.6.1.4.1.12532.48
iveConcurrentUsers - .1.3.6.1.4.1.12532.12
Not able to associate with the device or the alert condition are also not matching
Refer attached screenshot for your reference.
Attachments
Activity
Hi Adam,
Just followed the sample alert checker that you shared and the below alerts are working as expected.
iveTotalSignedInUsers - .1.3.6.1.4.1.12532.48
iveConcurrentUsers - .1.3.6.1.4.1.12532.12
Thanks for your support 
Note that the alert checker doesn't collect anything from the end system, it only acts on data collected by another entity type, in this case the custom oid entity.
It's not worth even looking at the alert checker until you have a verified working custom oid collecting valid data!
Thanks,
adam.
Hi,
Don't test things like this with snmpwalk, you test with individual OIDs with snmpget to make sure the exact OID is valid.
.1.3.6.1.4.1.12532.48.0 isn't the same as .1.3.6.1.4.1.12532.48
You can't use .1.3.6.1.4.1.12532.48, because it's not a valid OID. It's like using just the area code to try to call someone. You're missing the instance-specific part of the number. Even though this OID is scalar with a single entry, it still needs the index of 0.
In the checker conditions, "value" is the number coming from the OID. You need to compare it to something, comparing it to the numerical address of the OID is also not useful. You need to compare it to another number, something you want it to be below or above.
Please read this page on how alert checker conditions work:
https://docs.observium.org/alert_checker/
It's also not necessary to use so many conditions in the associations block, you can probably just match only the numerical or text OID name.
Please see the below examples for a working custom oid and checker entry for a SCALAR OID.
The alerting system is very, very simple. Most confusion is caused by people assuming it is more complex than it is!
Thanks,
adam.
Hi Adam,
I ran the snmp mibwalk and could see the results are coming as expected, But when creating an alert the OID's are not capturing the results.
Refer the screenshot as I've modified the alert checker 
.1.3.6.1.4.1.12532.12.0 = Gauge32: 55 - iveConcurrentUsers
.1.3.6.1.4.1.12532.48.0 = Gauge32: 55 - iveTotalSignedInUsers
Please check your own SNMP walk, search for ".1.3.6.1.4.1.12532.48"
Then try to snmpget ".1.3.6.1.4.1.12532.48", then try to snmpget the OID from your snmpwalk.
Why are you trying to compare the OID returned value to the OID name? You want it to alert if the OID value is its own name?
General questions and device support can be discussed in our Discord channel, click here to join.
Please make and attach additional information about the device:
- full snmp dump from device:
snmpwalk -v2c -c <community> -t 3 -Cc --hexOutputLength=0 -ObentxU <hostname> .1 > myagent.snmpwalksnmpwalk -v2c -c <community> -t 3 -Cc --hexOutputLength=0 -ObentxU <hostname> .1.3.6.1.4.1 >> myagent.snmpwalkIf device not support SNMP version 2c, replace -v2c with -v1.
- If you have problems with discovery or poller processes, please do and attach these debugs:
./discovery.php -d -h <device>./poller.php -d -h <device>
- additionally attach device and/or vendor specific MIB files
This comment is added automatically.
Glad it's working!