...
The notifications to expect are:
- Iec104 Protocol plugin server connection status (offline, in progress, established) Iec104 (STLNK or STCHA)
- Protocol plugin client connection status (offline, in progress, established) (STLNK or STCHA)
- Iec104 north North Protocol plugin service status (stopped, starting, shutting down, running) Iec104 south (STSRV)
- South Protocol plugin service status (stopped, starting, shutting down, running) (STSRV)
- Fledge system start (START)
- Stop the Fledge system (FSTOP)
- Configuration update (CONCH)
- Service failure (SRVFL)
- SNMP v3 authentication failure (SNMPAuthenficationFailureSNAUF)
- INFO event (eventinfoEVTIF)
- WARNING event (eventwarningEVTWA)
- FATAL event (eventfatalEVTFA)
The plugin must be able to link audit messages with SNMP traps only by configuration.
Audit Message Reception
The plugin will receive a number of audit messages. These audits represent states, logs , or actions reported by the various services. These messages are to be transferred as a trap via the SNMP protocol.
...
Name of the audit message (SOURCE) | Description | SEVERITY | Variables JSON DETAILS | Description of the variable | Type of the variableAudit Existing or | ||
STLNK (to be created | |||||||
STATELINK STLNK) | State of the protocol link of the north or south services | SUCCESS, FAILURE, | nameService | Name of the service sending the notification. (1) | String | To be created | |
nameLink | Name of the protocol link (name of the PA for example) | String | |||||
valueLink | Link status. | enum :
| |||||
STATECHANNEL STCHA (to be created) | Status of the north or south service protocol channels | SUCCESS, FAILURE, | nameService | Name of the service sending the notification. (1) | String | To be created||
nameLink | Name of the protocol link | String | |||||
nameChannel | Name of the TCP connection | String | |||||
valueChannel | State of the TCP connection | enum :
| |||||
STATESERVICE STSRV (to be created) | State of services north or south | SUCCESS, FAILURE, | nameService | Name of the service sending the notification. (1) | String | To be created | |
valueService | State of the service sending the notification. (1) | enum :
| |||||
START | Starting the FLEDGE system | SUCCESS, FAILURE, | |||||
FSTOP | Stopping the FLEDGE system | SUCCESS, FAILURE, | |||||
CONCH | Configuration update | SUCCESS, FAILURE, | nameService | Name of the service sending the notification. (1) | StringExisting | ||
SRVFL | Failure of a service (failure to start, crash at runtime...) | SUCCESS, FAILURE, | nameService | Name of the service sending the notification. (1) | String | Existing||
errorService | Service error in the form of a string | String | |||||
SNMPAuthenficationFailure SNAUTF | SNAUF (to be created) | Authentification failure SNMP v3 | SUCCESS, FAILURE, | ||||
EVTIF (to be created | Eventinfo) EVTIF | évènement type INFO | SUCCESS, FAILURE, | nameService | Name of the service sending the notification. (1) | String | To be created |
nameEvent | Name of the event | String | |||||
valueEvent | Description of the event | String | Eventwarning|||||
EVTWA (to be created) | évènement type WARNING | SUCCESS, FAILURE, | nameService | Name of the service sending the notification. (1) | String | To be created||
nameEvent | Name of the event | String | |||||
valueEvent | Description of the event | String | |||||
Eventfatal EVTFA (to be created) | évènement type FATAL | SUCCESS, FAILURE, | nameService | Name of the service sending the notification. (1) | String | To be created||
nameEvent | Name of the event | String | |||||
valueEvent | Description of the event | String |
...
SNMP trap name | Variable Objet | Description variable objet |
Evt (OID) | nameGateway (OID) | Name of the gateway (hostname) |
nameService (OID) | Name of the service | |
nameEvent (OID) | Name of the event. Take the name of the audit. | |
labelVariable (OID) | Label of the variable | |
valueVariable (OID) | Event value (log description, connection status, service status ...) | |
severity (OID) | Severity of the eventaudit | |
date (OID) | Date of receipt of the audit |
...
Common fields for all traps:
- "nameGateway " = hostname of the gateway
- Datedate
- Severityseverity
Correspondence with audit variables
Name of the audit message | Variables Audit | SNMP trap variable name |
stateLinkSTLNK | nameService | nameService |
nameEvent="stateLink" | ||
nameLink | labelVariable | |
valueLink | valueVariable | |
stateChannelSTCHA | nameService | nameService |
nameEvent="stateChannel" | ||
nameLink - nameChannel | labelVariable | |
valueChannel | valueVariable | |
stateServiceSTSRV | nameService | nameService |
nameEvent="stateService" | ||
labelVariable="State of the service" | ||
valueService | valueVariable | |
START | nameService= nameGateway | |
nameEvent="START" | ||
labelVariable="State of the gateway" | ||
valueVariable="ON" | ||
FSTOP | nameService=nameGateway | |
nameEvent="FSTOP" | ||
labelVariable="State of the gateway" | ||
valueVariable="OFF" | ||
CONCH | nameService | nameService |
nameEvent="CONCH " | ||
labelVariable=”Configuration” | ||
valueVariable="UPDATE" | ||
SRVFL | nameService | nameService |
nameEvent="SRVFL " | ||
labelVariable="Service ERROR" | ||
errorService | valueVariable | |
SNMPAuthenficationFailureSNAUF | nameService | |
nameEvent="SNMPAuthenficationFailure " | ||
labelVariable="Authentification" | ||
valueVariable="Failure" | ||
eventinfoEVTIF | nameService | nameService |
nameEvent="eventinfo " | ||
nameEvent | labelVariable | |
valueEvent | valueVariable | |
eventwarningEVTWA | nameService | nameService |
nameEvent="eventwarning " | ||
nameEvent | labelVariable | |
valueEvent | valueVariable | |
eventfatalEVTFA | nameService | nameService |
nameEvent="eventfatal " | ||
nameEvent | labelVariable | |
valueEvent | valueVariable |
...
The configuration of the plugin allows the link between the audit variables and the SNMP trap objects. It also allows to fill in the following information:
...
Attributes definition
Attribute | Description | Expected values | Mandatory |
---|---|---|---|
oid | OID of the trap or OID of the objects include in the trap | texte value respecting OID format | Yes |
"1".."7" | Order index number of the objects include in the trap | "1" to "7" | Yes |
dest | name of the object in the trap | string | Yes |
origin | origin of the data | "audit", "env", "static" | Yes |
value | Value of the data |
|
...
|
...
Yes |
Configuration :
{
"link_audit_trap": {
"description":"Correspondence between audit and trap",
"type":"json",
"default":"",
"order":"1",
"displayName":"Link audit trap"
}
}
...