Scroll to...
Intro One Target Routing HA Enrichment Testing Text-to-Trap Security Reduction ForensicsTrapStation is more than just a "trap forwarder." It has been designed for multiple roles:
When you have many agents to configure, or your equipment only allows one trap target, it is useful to have a single destination that can route traps further. This basic hubbing feature ensures that the multitude of your equipment can be easily configured, then tweaks can be broadly applied in TrapStation's centralized configuration.
If you have a very large network with differentiated NMS pairs, TrapStation can ensure that each NMS is fed with only the appropriate traps for its purpose.
Deploy a pair of TrapStations to receive identical trap feeds from your elements. Configure different TrapStation service modes for "normal" and "fail-over" situations. TrapStation will monitor its peer and immediately switch to "fail-over" mode when its peer connection drops, then switch back to "normal" when restored.
Using TrapStation's enhanced JavaScript syntax, you can enrich traps by editing or adding varbinds. New data can be computed, looked up from a plain file, or possibly retrieved from external sources such as a database. For example, you might add customer information to a trap. Your enriched traps are then used for logging and forwarding.
Log search results can be displayed in your browser, but they can also be forwarded as if they were live traps. That can be useful to re-play an incident, and for testing your NMS after you edit its rules.
TrapStation can process your text events in the rule tree too. Each text event gets a skeleton SNMP v2 trap that your rules can configure with data parsed from the event. Then you can forward and log it like any other trap. You can SNMP-enable your syslog, an automated email account, your in-house programs, etc.
SNMP version 3 updated the standard with encryption and authentication features. But not all of your agents may be able to send traps as v3. TrapStation will optionally convert traps to v3. You can specify that policy per forwarding target. The security of v3 is especially important if any of your NMS trap targets have to cross any public or non-secure network boundaries.
TrapStation includes many filtering tools to help you reduce the number of traps that need to be forwarded in the first place, and that offloads your: infrastructure, and your NMS workload, and reduces the noise your technicians have to ignore too. You could filter in your NMS, but it makes sense to do it before unwanted traps are forwarded to multiple places.
TrapStation keeps detailed trap logs. And it has a handy search tool for finding traps. You can search back a year or more. You can filter by time range, rule nodes, addresses, and varbind content. Matching traps are displayed with their matching rule node too, so you can see how a trap was processed.
