...
- create a probe that gets the desires SNMP object(s)
- add that probe to the "Triggers Probes" section of the Linux SNMP classifier
- write a replacement sensor (next section)
Sensor Replacement
*replace the sensor
You can probably do this with XML field mapping as well, but here is a very simple scripted sensor that works
...
from an SNMP probe payload:
| Code Block |
|---|
/*
* bw - sensor for SNMP Distribution discovery (Yale SNMP Discovery)
*
* william.west@yale.edu
*/
new DiscoverySensor({
process: function() {
//
// XML should be in var payload (a global)
var element = XMLUtil.getText(payload, '//unk_111');
var rows = element.split('\n'); //expecting multiple lines
current.os = rows[0];
current.os_version = rows[1];
},
type: 'DiscoverySensor'
});
|
- list the new sensor in the "Sensors" section of the appropriate probe record
...