Brocade Fabric Watch Administrator's Guide - Supporting Fabric OS v7.0.x (53-1002153-02, March 2012)

You must configure the software to receive trap information from the network device. You must also
configure the SNMP agent on the switch to send the trap to the management station. You can
configure SNMP notifications using the snmpConfig command and you can configure notifications
using Fabric Watch.
For information on configuring the SNMP agent using the snmpConfig command, see the Fabric OS
Command Reference.
SNMP trap counters
When a counter is in the “in-between” state, Fabric Watch sends an informational SNMP trap.
See “In-between buffer values” on page 14 for an explanation of the concepts of “in-between”
boundaries and above high, below high, above low, and below low thresholds.
When a counter is above the high threshold or below the low threshold, Fabric Watch sends a
warning SNMP trap except for the power supply area of the environment (ENV), CPU, and
Memory classes. The severity of a Fabric Watch SNMP trap for CPU and memory will always be
informational.
See “Threshold values” on page 13 for a more thorough explanation of thresholds.
RASlog (switch event)
Following an event, Fabric Watch adds an entry to the internal event log for an individual switch.
RASlog stores event information but does not actively send alerts. Use the errShow command to
view the RASlog.
Locked port log
Following an event, the port log locks to retain detailed information about the event, preventing the
information from being overwritten as the log becomes full. The locked port log stores event
information but does not actively send alerts. The locking is done automatically when some thresholds
are exceeded and an alert is triggered.
For more information about locking, unlocking, and clearing the port log, see the Fabric OS
Command Reference.
Fabric Watch audit messages
Fabric Watch events caused by configuration value changes are tagged as Audit messages. When
managing SANs, you may want to filter or audit certain classes of events so that you can view
and generate an audit log of what is happening on a switch, particularly for security-related event
changes. These events include login failures, zone configuration changes, firmware downloads,
and other configuration changes; in other words, critical changes that have a serious effect on the
operation and security of the switch.
Important information related to event classes is also tracked and made available. For example,
you can track changes from an external source by the user name, IP address, or type of
management interface used to access the switch.