Integrating Traffic Sentinel into ProCurve Manager

This document describes how to:


Launch Traffic Sentinel from ProCurve Manager Client (CIP Integration)

ProCurve Manager "CIP Integration" can be used to add buttons and menu options within the ProCurve Manager UI that will link you directly to the relevant pages in Traffic Sentinel. This section describes the detailed steps for installing this solution. You will need to know the IP address of the Traffic Sentinel server, and have 'administrator' access on the ProCurve Manager client.

  1. Extract all files from the archive Sentinel_CIP_Files.zip into the <installdir>\PNM\Server\Config\devConfig\extern directory on the ProCurve Manager Client.

  2. In Notepad, edit the files Sentinel_Agent.uda, SentinelTab.trg and Sentinel.uda in turn. In each case replace the IP Address "10.0.0.81" with the IP Address of the Traffic Sentinel server, and save your changes.

  3. Quit and restart the ProCurve Manager client application. You should now find you can link from ProCurve Manager to the appropriate page in Traffic Sentinel via:


Send SNMP Trap Events from Traffic Sentinel to ProCurve Manager Server

SNMP Traps raised by Traffic Sentinel can be sent to ProCurve Manager, where they can be parsed and used to trigger policy actions. This section describes the detailed steps for configuring this closed-loop control solution. To follow them you will need both 'root' access on the Traffic Sentinel server and 'administrator' access on the ProCurve Manager server.

On the Traffic Sentinel Server

  1. Confirm that the rpm package net-snmp-utils is installed on the Linux server. For example:

    root> rpm -q net-snmp-utils
    net-snmp-utils-5.1.2-11
    
  2. Edit the file /usr/local/inmsf/etc/config/global.prefs and add the following lines (substituting the correct IP address for the ProCurve Manager server):

    event.trap = 10.1.2.3 ; IP Address of ProCurve Manager Server
    event.severity = 1    ; 1=all, 2=warn/severe, 3=severe only
    

On the ProCurve Manager Server

  1. Extract the file SentinelTrap.trp from the archive SentinelTrap.zip into the <installdir>\PNM\Server\Config\devConfig\extern directory on the ProCurve Manager Server.

  2. Close all PCM clients.

  3. On the Control Panel, select "Administrative Tools", then click on "Services".

  4. Right-click on the "HP ProCurve Datastore" service and select "Restart" from the pop-up menu.

Test the sending of SNMP Traps

  1. Start the ProCurve Manager Client again, and navigate to the event log window.

  2. Navigate to the File>Control page on Traffic Sentinel, and click to Restart Data Collection Processes. This will generate several events of type inform.

  3. Confirm that these events appear in the ProCurve Manager event log, as shown here.

Adjust the severity filter on the Traffic Sentinel Server

  1. Back on the Traffic Sentinel server again, edit the file /usr/local/inmsf/etc/config/global.prefs and adjust the event.severity setting to 2 (so that only warnings or severe events will be forwarded as traps):

    event.trap = 10.1.2.3 ; IP Address of ProCurve Manager Server
    event.severity = 2    ; 1=all, 2=warn/severe, 3=severe only
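
The two edits to global.prefs described above (setting event.trap, then changing event.severity) can be scripted so that they are repeatable and leave no duplicate keys behind. This is an added example, not part of the Traffic Sentinel or ProCurve Manager documentation; the function names and the set_traps.sh file name are hypothetical, and it assumes the "key = value ; comment" line format shown on this page.

```shell
#!/bin/sh
# Added example (not vendor code): set the trap destination and severity
# filter in global.prefs. Assumes the "key = value ; comment" line format
# shown on this page.
PREFS="${PREFS:-/usr/local/inmsf/etc/config/global.prefs}"

# Accept only a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# Accept only the three severity levels the page documents.
valid_severity() {
    case "$1" in 1|2|3) return 0 ;; *) return 1 ;; esac
}

# set_pref KEY VALUE COMMENT: collapse all existing KEY lines into one
# updated line, or append the line if KEY is absent. The file is rewritten
# in place (not replaced) so its owner and mode are unchanged.
set_pref() {
    awk -v k="$1" -v line="$1 = $2 ; $3" '
        { probe = $0; sub(/^[ \t]+/, "", probe) }
        index(probe, k) == 1 && substr(probe, length(k) + 1) ~ /^[ \t]*=/ {
            if (!done) { print line; done = 1 }
            next
        }
        { print }
        END { if (!done) print line }
    ' "$PREFS" > "$PREFS.tmp" &&
    cat "$PREFS.tmp" > "$PREFS" &&
    rm -f "$PREFS.tmp"
}

# configure_traps PCM_IP SEVERITY: validate, back up once, then write.
configure_traps() {
    valid_ipv4 "$1" || { echo "bad IP address: $1" >&2; return 1; }
    valid_severity "$2" || { echo "severity must be 1, 2 or 3" >&2; return 1; }
    [ -f "$PREFS" ] || { echo "missing $PREFS" >&2; return 1; }
    cp -p "$PREFS" "$PREFS.bak" || return 1
    set_pref event.trap "$1" "IP Address of ProCurve Manager Server" &&
    set_pref event.severity "$2" "1=all, 2=warn/severe, 3=severe only"
}

# Run only when called with both arguments, e.g.: sh set_traps.sh 10.1.2.3 2
if [ $# -eq 2 ]; then configure_traps "$1" "$2"; fi
```

Setting PREFS in the environment points the script at a copy of the file for a dry run; the previous contents are kept in global.prefs.bak.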
    

Configure Policy Actions in ProCurve Manager

You are now ready to define Policies in ProCurve Manager and trigger them with these traps. Consult the ProCurve Manager documentation for details on how to take action in response to an event. Consult the Traffic Sentinel documentation for details on raising events such as security alerts, traffic-level alerts or other conditions detected in the traffic patterns on the network.