If you have been reading my posts on SNMP and management, you will see a pattern……. “I hate Microsoft’s position on open management”. It’s mostly because Microsoft will not make a move to SNMPv3. However, there is one thing that Microsoft did really well….. and that’s the ability to turn ANY windows event into a trap.
So, now, no matter who the application vendor is, if an event is created in the Event Viewer, you can translate it to a trap. Think of all the wonderful alarms you can get! It was kinda surprising to me how little this nugget of info was lost. So, I decided to write up an entry about it.
We are always going back to our resolved problems and asking ourselves, “How can we prevent this again”, or “How can we see this problem faster?” Or, at least, I would hope you ask yourselves those questions.
Well, more often than not, if it’s a Windows application, there is probably a Windows event that is generated prior to the problem happening. Some “symptom events”, if you like. Identify those events, and change them into traps.
Once you have a trap going to your NMS, you can alarm and escalate it as anything else.