|
Preferences |
Здесь Вы можете изменить параметры интерфейса программы :
- Colors palette - палитра цветов (стандартная windows'ская, зеленое на черном, желтое на синем, голубое на синем)
- Fonts- шрифт текста в окнах с информацией и фонт для telnet клиента
- Help language - язык помощи (help language) (Русский, Английский, Испанский)
- Tab position
можно выбрать где будут размещатся закладки страниц : сверху (Top) или внизу (Bottom) окна.
- Auto save options of main window pages
Если включена эта опция то при нажатии кнопки [Start] утилита запоминает
свои параметры, например имя хоста. IP-Monitor запоминает размеры своих подокон.
И при следующем запуске программа восстанавливает запомненные значения.
- Auto save current page
Если включить эту опцию то программа будет запоминать (и при следующем запуске выбирать) активную утилиту.
- Kept in lists recent addresses
если включить эту опцию то программа будет запоминать введенные вами адреса в списках.
- Clear old info
если включить эту опцию то при нажатии на кнопку Start старое содержимое
окна будет удалятся
- Scroll down
по завершении работы утилиты перемещается в низ окна
- Minimize to tray отвечает за минимизацию IP-Tools в tray.
- Always top
если включить то IP-Tools будет всегда поверх других окон, даже если активна другая программа.
|
|
Interface |
Interface options:
- Toolbar position
Показать панель инструментов (toolbar) сверху/снизу или совсем ее не показывать.
- Tabs position
Тоже самое для закладок страниц (утилит).
- Allow page multiline
Если включить эту опцию то закладки страниц (утилит) программы при необходимости
будут размещатся в несколько строчек. А если не включить то
закладки будут в одну строчку но с кнопочками для скролинга.
- Status bar
Показать/спрятать строку состояния (status bar).
- Show ScanList dialog when user marks "Use list" option
Некоторые утилиты (NetBIOS, Lookup, все сканеры) могут работать со списками адресов.
Если Вы включите эту опцию, IP-Tools будет показывать диалог с этим списком адресов каждый раз когда
Вы будете включать опцию "Use list".
|
|
HTML Colors |
Настройка цветов для HTML отчетов и лог файлов.
|
|
Sound |
А на этой странице задаются звуковые эффекты для разных событий
(завершение работы утилитами, изменение статуса контролируемого хоста, ...)
|
|
Connections |
Параметры утилиты "Connections"
Auto refresh
Если эта опция включена то через заданное Вами время программа обновляет информацию о соединениях.
Save to log file
Эта опция отвечает за запись истории всех соединений (или открытия портов) в указанный Вами лог файл.
- Display host names
Показывать имя хоста вместо IP адреса
Display port names
Если включить эту опцию то IP-Tools вместо номера порта будет показывать его имя
(имя берется из списка портов - файл servises.lst)
Filter
Здесь можно указать какие типы портов и состояния показывать в списке.
TCP или UDP, порты с уже установленными соединениями или порты которые
ждут соединения, и т.д.
Address filter
А это фильтр по адресам, имеет три варианта : "Not filtered" - отключен,
"Include filter" - показыать все соединения которые входят в заданный список адресов,
"Exclude filter" - показывать все соединения кроме тех которые входят в заданный список.
В списке адресов можно задавать как по одному адресу в строке, так и диапазон адресов, например "194.16.15.1 - 194.16.15.48".
Apply for
А здесь можно указать для каких адресов применять фильтр : для IP адресов удаленных машин (Remote IP), для адресов вашей машины (Local IP) или для того и другого (Both).
|
|
NB Scanner |
Options for NB Scanner :
Ping before scan resources
если включить эту опцию то перед сканированием выделенных ресурсов программа пропингует
машину по IP адресу и если не дождется ответа то перейдет к следующему адресу.
Параметры пингования см. на странице Ping/Trace
- Skip address if no answer
Не сканировать адреса которые не ответили на ping
Get host name before scan
а если включить эту опцию то прежде чем сканировать ресурсы программа попытается
узнать имя машины по IP адресу. Если это не удастся и опция "Skip address if cannot resolve"
включена то ресурсы сканироватся не будут, программа перейдет к
следующему адресу из списка.
- Skip address if cannot resolve
Enable this option to skip addresses which cannot be resolved to host names
- Detect OS
При включенной опции IP-Tools будет пытаться определить тип операционной системы на удаленной машине.
Работает если Вы запускаете IP-Tools на Windows NT/2000, не работает на Windows 9x/ME
- Scan resources
Искать выделенные ресурсы на удаленной машине: диски, принтера
- Sound when resource found
Здесь определяется звуковой файл (wav, mid, etc) который IP-Tools будет проигрывать когда найдет какой либо ресурс
|
|
SNMP Scanner |
Here you may administer SNMP Scanner settings.
Prior to scanning
Following options specify which preliminary checks should be made before performing basic SNMP requests:
- Ping before scanning resources
If enabled, IP-Tools tries to ping the host prior to performing SNMP requests. If the host does not respond
and "Skip address that is not responding" option is enabled, the program proceeds to the next host on the list.
For ping options see the Ping/Trace page in the Options dialog.
- Skip address that is not responding
Enable this option to skip hosts that do not respond to echo packets
- Get host name before scanning
If enabled, IP-Tools tries to resolve the IP address into a host name prior to performing SNMP requests. If name resolution fails and "Skip address that cannot be resolved" option is enabled, the program proceeds to the next host on the list.
- Skip address that cannot be resolved
Enable this option to skip addresses that cannot be resolved to host names
Scan options
Here you may specify parameters of basic SNMP queries:
- Port
Specify the port number on which the host (SNMP agent) is listening for incoming UDP packets. Default and
standard value is 161
- Timeout
This is the amount of time in milliseconds the program will wait for a response from the server before
considering the request as failed (if "Retries" parameter is greater than 1, scanner may perform several
requests).
- Retries
Specifies the communications retry count.
- Community strings
This option lists strings to utilize as SNMP community names while communicating with the hosts. To add new
string - click "Add item" button or press Insert key. To edit existing string - select the string in the
list and click "Edit item" button or double click on the string. To remove item - select the string and
click "Remove item" button. If you want to temporarily exclude some items from scanning process, unmark
the line.
You may select as many community strings as you wish. Remember though, the more strings you add, the longer
it could take for the scanner to discover network. SNMP Scanner tries to detect correct community string
for each device starting at the top of the list, so you should place the most commonly used community strings
at the very top of the list. You can rearrange the order of the community strings using the "Up" and "Down"
buttons.
Request additional information
In addition to standard requests that provide information about System ID, UpTime, Interfaces, etc, you may setup
IP-Tools to retrieve additional information. You may ask utility to request the value of any counter(s) supported
by SNMP agent.
To add a request field - click "Add item" button or press Insert key. In the popup dialog you should provide OID
(OBJECT IDENTIFIER) of the counter and the name of the field (name that will be displayed as column header in the
scanner utility, HTML report, etc). E.g. OID 1.3.6.1.2.1.4.1.0 addresses the counter that indicates whether host
is acting as an IP gateway or not.
To edit the field - select the item in the list and click "Edit item" button or double click on the item.
To remove item - select the line and click "Remove item" button. If you want to temporarily exclude some
requests from scanning process, unmark the line.
|
|
Port Scanner |
Options for ports Scanner :
Get host name before scanning ports
если включить эту опцию то прежде чем сканировать порты программа попытается
узнать имя машины по IP адресу, и если это не удастся то порты сканироватся не будут,
программа перейдет к следующему адресу из списка
- Skip address if cannot resolve
Enable this option to skip addresses which cannot be resolved to host names
Ping before scanning ports
а если включить эту опцию то перед сканированием портов программа пропингует
машину по IP адресу и если не дождется ответа то перейдет к следующему адресу
Параметры пингования см. на странице Ping/Trace
- Skip address if no answer
Пропускать адреса которые не ответили на ping
Show port names
Если включить эту опцию то при сканировании рядом с номером порта будет выводится его имя.
Show port descriptions
Показывать описание портов.
IP-Tools может посылать данные в порт(ы) которые открыты на удаленной машине и показывать ответ от удаленной машины.
Show remote service messages
если поставить здесь галочку то программу не будет сразу после соединения
рвать connect, а подождет ответа от найденной машины. Ждать будет указанное в
следующем поле время.
Time for wait message
Вот тут и указывается сколько времени после коннекта ждать сообщения от сервера.
Send string to remote host
В этом поле задается строка которую программа может послать серверу.
Кроме того Вы должны задать список портов для сканирования. Вы можете задать этот список как текстовую строку
(например "21, 25, 43-80, 110-139"), или отметить порты в списке на странице "Ports".
|
|
Ports |
На этой странице Вы можете задать список портов для сканирования Ports Scanner'ом.
Список можно задавать проставляя галочки возле нужных портов или включить
опцию "Use list" и написать список нужных портов, например так "21,25,80-110".
What is a Port ?
The TCP port number identifies a process or application inside the computer.
Any application or process that uses TCP for its transport is assigned a
unique identification number called a TCP port. These ports are numbered
beginning with zero. Port numbers for client applications are dynamically
assigned by the operating system when there is a request for service. Port
numbers for server applications are preassigned by the IANA
(Internet Assigned Numbers Authority) and do not change.
A server application or process that uses TCP as a transport has at least
one preassigned port number. For example, the preassigned port numbers for
FTP server services are 20 (data) and 21 (control).
|
|
UDP Scanner |
UDP Scanner's options:
Get host name before scanning ports
If enabled, IP-Tools tries to resolve the IP address into a host name before scanning its ports. If
resolution fails and "Skip address if cannot be resolved" option is enabled, the program goes to the
next host in list.
- Skip address if cannot be resolved
Enable this option to skip addresses that cannot be resolved to host names.
Ping before scanning ports
If enabled, IP-Tools tries to ping the host before scanning its ports. If the host does not respond and
"Skip address if not responding" option is enabled, the program goes to the next host in list. You can
setup ping parameters on the Ping/Trace page in the Options dialog.
- Skip address if not responding
Enable this option to skip hosts that do not respond to echo packets.
Show hosts with open ports only
If this option is enabled, IP-Tools will not display any information for hosts with undetected open ports.
- Show port names
If enabled, meaningful port names are displayed beside port numbers.
Show service reply
With this option enabled IP-Tools will display reply time or data received from the hosts for each active
UDP service detected. Using "Display", "From", and
"Till" parameters of the UDP check you can choose what
information IP-Tools should display for each type of UDP service (e.g. DNS, SNMP, etc)
- Show port descriptions
If enabled, a short description of each port is displayed.
Timeout
Specify the amount of time (in milliseconds) that IP-Tools should wait for a response from the host.
Retries
If IP-Tools does not receive answer from a host, it can send request again. Use this option to set the
number of times IP-Tools will resend the data to the server before consider that tested port is not in use.
Services to scan (UDP checks):
Use this list to select one or more UDP services to scan. You can mark/unmark services one by one or use special
buttons (located in the right bottom corner) to mark all services, unmark all services, or invert selections for
whole list.
IP-Tools contains list of some popular UDP services (Echo, Daytime, Chargen, Time, DNS, etc). If you need to
check UDP service that is not in the list, you can add new item. To create "check" for UDP service, click
"Add service" button and fill up following fields in the "UDP Service check" dialog:
Port
Specify the port number on which the host is listening to incoming UDP packets. E.g. TFTP servers use port
#69, SNTP servers use port #123, Daytime servers use port #13, etc.
- Service name
Short name of the service
- Description
One line description of the service
Packet to send
Enter the packet data that should be sent to the host. Because of the fact that most UDP services accept
binary data, you may need to use sequences formatted %XX where XX is a hexadecimal code of a character
(byte). E.g. HELLO%0D%0A would send HELLO followed by a character ASCII 13 (line feed) and ASCII 10
(new line).
Filter
By default IP-Tools displays any service the answer received from. But you can specify special filters for any
service "check". If data received from the service will not satisfy filter conditions, service will not be
considered as active one, and will not be listed in a list of active UDP services.
Choose one of the conditions to consider service's response as "good":
| - any reply | service that sends any data in response to request packet will be considered as active |
| - reply contains | service will be considered as the active one, only when reply contains specified data (defined in "Compare with" field). |
| - reply doesn't contain | service will be considered as the active one, only when reply does not contains specified data (defined in "Compare with" field). |
| - reply equal to | service will be considered as the active one, only when reply equal to specified data (defined in "Compare with" field). |
| - reply not equal to | service will be considered as the active one, only when reply not equal to specified data (defined in "Compare with" field). |
Compare with
IP-Tools can compare data that was received from the server with specified string. As well as in
"Packet to send" field you can use sequences formatted %XX where XX is a hexadecimal code of a
character (byte). E.g. "%02public%00"
Display
When "Show service reply" option is enabled, this parameter defines what information will be displayed when
active UDP service detected. Choose one of the following options:
- Reply time
- Reply as text
- Reply as binary data
From/Till
Specify what part of the received data should be displayed. For example if you want to see 1st 5 bytes of the
service response, set "From" parameter to 1 and set "Till" parameter to 5. If you want to see service reply
starting from 10th symbol till 50th, set "From" and "Till" parameters to 10 and 50 correspondingly.
Examples:
To check TFTP service, fill up parameters with following values:
- Port: 69
- Filter: any reply
- Packet to send: %00%01filename%00%00netascii%00
where filename is the name of the file on the server. We recommend providing incorrect (fake) name of the file (in this case server will not start file transfer and you will avoid unnecessary network traffic).
To check SNTP service fill up test parameters with following values:
- Port: 123
- Filter: any reply
- Packet to send: %0B%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00
Yes, so long string, packet must contain 48 bytes, otherwise server will not respond.
|
|
Ping/Trace |
Тут задаются параметры для утилиты Trace и для всех утилит которые
используют ping (кроме Hosts Monitor'a, так как в мониторе
параметры теста определяются отдельно для каждого контролируемого хоста).
- "Packets to send"
определяет количество посылаемых ECHO пакетов
- "Packet Size"
задает размер ECHO пакета
- "TimeOut"
определяет timeout интервал в милисекундах
- "Time to Live"
значение TTL для посылаемых пакетов
- "Number of Hops"
specifies maximum number of hops to search for target
- "Show Hosts Description"
Начиная с 0.09 версии программа может выдавать информацию о доменах, хостах, etc.
(страницы LookUp, Scanner, ScanPorts, Trace с включенной опцией Use DNS).
Если эта опция включена то рядом с каждым именем хоста будет информация типа :
... www.chat.ru (Russia)
... www.gazprom.ru (Join-stock company GAZPROM, town Moscow, Russia)
... mainboss.xaxa.BD (Bangladesh)
|
|
WhoIs |
IP-Tools содержит встроенный список WhoIs серверов для всех top level доменов.
Но Вы можете создать ваш собственный список, причем информация из Вашего списка имеет приоритет выше чем из внутреннего списка
(тоесть IP-Tools будет искать сервер во внутреннем списке только если не найдет в Вашем).
Для каждого элемента списка определяется:
Domain - домен, например ".com", or ".ibm.com"
Comment - необязательное поле, просто комментарий типа "University of Victoria"
WhoIs server - адрес WhoIs сервера (IP адрес или доменное имя)
Port - номер порта (стандартный для WhoIs серверов - порт #43).
Max domain depth - ...
Server can return info about IP addresses - поставьте тут галочку если WhoIs сервер находит информацию не только по доменному имени но и по IP адресу
You could be a part of the community process to build up the WhoIs Server list.
Send to us your custom list, your list will be merged with contributions from other users, and an updated list will be sent back to you.
Use "Update" button to proceed this operation.
|
|
NS Lookup |
по умолчанию утилита Lookup использует Windows API и default DNS сервер но
в IP-Tools 2.0 или выше Вы можете переключить эту утилиту в режим
"Advanced Name Server Lookup". В этом случае Вы сможете изменить:
- DNS сервер
- порт и протокол (TCP, UDP)
- таймаут и количество попыток получить ответ от сервера
- тип запроса: A, ANY, CNAME, HINFO, MX, NS, PTR, SOA, или TXT
- включить или отключить рекурсию
- режим вывода информации: Full, Medium, или Compact
IP-Tools поддерживает следующие типы записей:
- A - a host address
- NS - an authoritative name server
- MD - a mail destination
- MF - a mail forwarder
- CNAME - the canonical name for an alias
- SOA - marks the start of a zone of authority
- MB - a mailbox domain name
- MG - a mail group member
- MR - a mail rename domain name
- WKS - a well known service description
- PTR - a domain name pointer
- HINFO - host information
- MINFO - mailbox or mail list information
- MX - mail exchange
- TXT - text strings
|
|
HTTP |
On this page you can define parameters of HTTP requests performed by HTTP utility.
Request
Choose type of the HTTP request:
- HEADER : request for HTTP header. Server will return status information about the document (HTTP header) but will not transfer data. It allows you to check web server functionality with minimum network traffic but you cannot check the content of the web page.
- GET: request the page specified by URL parameter. Server will return status information (HTTP header) and data.
- POST: send data (defined in "Post data" field) to the web server to be processed in some way, like by a CGI script. In this case URL is not a resource to retrieve; it's usually a program to handle the data you are sending. The HTTP response is normally the program output, not a static file. The most common use of POST is to submit HTML form data to CGI scripts.
Post data
If the URL is for a POST request, enter the post variables as
name1=value1&name2=value2. This option is used
to verify that a form is working correctly by performing the same request which occurs when a user submits a
form.
Follow redirect
This parameter determines the IP-Tools' behavior, when the server issues a redirect. When the option is enabled
IP-Tools follows redirect and retrieves new URL, specified by server.
Authorization
- User name
If the URL specified requires a name and password for access, enter the user name in this box.
- Password
If the URL specified requires a name and password for access, enter the password in this box.
Proxy
Optionally, a proxy server can be used to access the URL. Setup following parameters:
- Proxy address
Provide a domain name or IP address of the proxy server
- Proxy port
Specify TCP port used by proxy server
Proxy authorization
- User name
If the proxy server requires a name and password for access, enter the user name in this box.
- Password
If the proxy server requires a name and password for access, enter the password in this box.
Agent
Some server-based scripts can check agent's name and return different information for different HTTP
agents (e.g. generate different HTML pages for Internet Explorer or Netscape). You can change this parameter
to check functionality of the script in different modes.
Timeout
Specify the number of seconds that the IP-Tools should wait for a page to complete downloading before
timing-out. If the Timeout property is set to 0, IP-Tools will use default Windows timeout specified for
TCP protocol.
Display HTTP header and HTML tags
With this option enabled IP-Tools displays all data received from the server as it is. If you disable the
option, IP-Tools will not display HTTP header and will remove all HTML tags from the response.
Allow per-session cookies
With this option enabled IP-Tools remembers cookies received from the server, and sends them back in case of
redirection to another URL.
This option can be useful when you need to check some access-restricted resources. Often web-based
authorization systems use cookies to identify user. How it usually works:
- user opens login page, enters login and password, and clicks "Login" button;
- browser sends POST or GET request to a server with data entered by user;
- server checks login/password and (in case data are correct) assings session ID for the user;
- server sends cookie that contains ID to user's browser, and redirects user to another page;
- browser must store cookie and send it back to server every time it (browser) requests access-restricted pages
So, IP-Tools can work like your browser and (just for example) login to your mailbox to check whether you
have the new messages.
|
|
IP-Monitor |
Настройки IP-Monitor'а : интервал обновления информации, цвета фона и графиков,
количество линий в масштабных сетках и т.д.
|
|
Host Monitor |
Options for HostMonitor utility:
Style :
Report - показывать маленькую иконку и детальную информацию о каждом хосте.
List - показывать маленькую иконку и имя хоста
Icon - показывать большые икоки и имя хоста
Small Icon - показывать маленькую иконку и имя хоста (похоже на List, но по другому группируются элементы)
Show grid lines
При включенной опции IP-Tools будет рисовать сетку разделяющую элементы.
Start/Stop mode :
start upon loading - после загрузки IP-Tools запустит монитор
stop upon loading - не запускать монитор после загрузки
restore last status - восстановить статус который был в момент завершения работы
Refresh after edit :
Always check status after editing host properties
Ask about check
Does not refresh status after an edit
|
|
Host Monitor: Log settings |
HostMonitor's options, log file settings:
Log file
Save to specific file
Automatically change the name every month (MMYYYY-Log.ext)
Automatically change the name every day (DDMMYYYY-Log.ext)
Log is disabled
Если Вы выбрали режим автоматической смены имени лог файла, то в имени файла Вы можете задавать специальные макросы.
IP-Tools воспринимает текст ограниченный символами процента '%' как макрос (переменную),
заменяя 'DD' на номер дня (число), 'MM' - номер месяца, 'YY' - год (2 последние цифры года), 'YYYY' - год (4 цифры).
Примеры :
c:\ip-tools\log\%ddmmyy%.dbf - IP-Tools будет вести лог в каталоге "c:\ip-tools\log\" и менять имя лог файла каждый день.
%yyyy%.htm - вести лог в текущем каталоге (кстати не стоит так делать, так как текущий каталог постоянно меняется) и менять имя лог файла каждый год.
Save mode
Save all information
Save only if a host changes status
Если Вы выберете опцию "Save all information" то IP-Tools будет записывать в лог результаты всех тестов, независимо от того, изменился статус хоста или нет.
Этот режим полезен если Вам нужна детальная информация о времени доступа к хосту.
Но с другой стороны в этом случае лог файл будет быстро расти в размерах.
При выбранной опции "Save only if a host changes status" IP-Tools будет записывать только изменения в статусе (когда хост "умер" или "ожил").
Log file format
Text file
HTML file
Note:
Лог в формате HTML использует больше дискового пространства (около 800 байт на каждую запись) чем текстовый файл (около 80 байт на запись).
Но HTML лог конечно более наглядный и если IP-Tools будет записывать лог в каталог Вашего Web сервера, то лог можно легко просмотреть откуда угодно.
|
|
Trap Watcher |
|
Here you may specify general Trap Watcher settings and provide special processing options for all or some messages.
E.g. you may log all messages but send an e-mail only when message from specific device is received. Or you may
display all messages on screen and log [Link Down] and [Link Up] messages.
Settings:
Receive traps on UDP port #
This option specifies the UDP port number, which IP-Tools utilizes to listen for incoming messages. Default setting is 162.
Display
This option allows you to specify how many latest messages should be displayed on screen. Also you may specify what messages should be displayed:
- Display all received traps
All received messages will be displayed
- Display filtered traps only
Only messages that meet conditions of the filter will be displayed
- Display all traps, mark filtered
All received messages will be displayed, messages that meet conditions of the filter
will be marked by color (you can choose any color you want)
By clicking on "Date" column header you may change sorting mode for messages; newest messages could appear at the
top or bottom of the list.
Log
IP-Tools can log all or some specific messages into log file or files. Choose one of the following options:
- Log all traps
All received messages will be stored
- Log filtered traps
Only messages that meet conditions of the specified filter will be stored
- Disable logging
No messages will be stored in the log
IP-Tools may store information in Text or HTML format. If you provide path to the file with extension HTM or HTML,
IP-Tools will create HTML log file. Otherwise log will be in text format.
You may use special macro variables in the file name. This option allows you to create
separate log files for various messages. E.g. If you use %TrapHost% variable in the file name, IP-Tools will
create separate log file for each host from which a trap messages was received.
Execute external command
Here you may specify command that will be executed when any or specified message is received. Choose one of the following options:
- For all traps
Execute command in respond to every new message
- For filtered traps
Execute command in respond to messages that meet conditions of the filter
- Do not execute
Do not execute external programs
and provide command line to execute. You may use special macro variables in the command
line. When IP-Tools launches external application in response to received trap message, it substitutes macro
variable with its value pertinent to the trap message being received.
Macros:
Macro variables
You may use special variables in the log file name or in the command line to launch external applications:
| %TrapHost% | Represents IP address of the host that have sent the message |
| %TrapType% | Represents type of the trap. It provides information about generic type and enterprise specific number. Generic type could be one of the following: Cold Start, Warm Start, Link Down, Link Up, Auth Failure, EGP Loss and Specific. Enterprise specific number is only applicable when generic trap type is Enterprise Specific, otherwise enterprise specific number is 0 |
| %TimeTicks% | Represents time ticks. Time ticks is the time interval (measured in hundredth of seconds) since the initialization (boot, start-up) of the entity that have sent the trap. |
| %Enterprise% | Enterprise field contains an OBJECT IDENTIFIER which names the device that sends the trap |
Each trap message may contain one or several variables that provide information about the event. Following macro variables allow you to pass that information to external applications. |
| %MibOid% | Represents variable name (OID) |
| %MibType% | Type of the variable |
| %MibValue% | Variable value |
| %MibRelative% |
Relative value of the variable. This macro is applicable when you check incoming trap messages for some
specific variable and compare current value of the variable with its previous value (see
"Message contains OID" option in the Trap Filter dialog).
%MibRelative% may represent:
simple difference between current and previous value (if you use "increases by", "decreases by" or "changes by" compare option)
relative difference as a percentage of previous value (if you use "increases by (%)", "decreases by (%)" or "changes by (%)" compare option)
average increase/decrease of the counter per second since previous message (if you use "increases /sec", "decreases /sec" or "changes /sec" compare option)
|
When IP-Tools launches external application in response to received trap message, it substitutes macro variable
with the value of the appropriate message parameter.
E.g. to send an e-mail with information about traps you may use command line similar to this one:
"c:\program files\IP-Tools\samples\SendMail.exe" "To=admin@mycompany.com" "Subject=SNMP trap message from %TrapHost%"
"Body=OID: %MibOID% ^M Value: %MibValue%" StartAfterLoad
Using variables in the log file name allows you to store different messages in separate log files. E.g. If you
use %TrapHost% variable in the file name, IP-Tools will create separate log file for each host from which a
trap messages was received.
Filter:
You may setup filter and provide special processing for some messages. E.g. you may log all messages but send
an e-mail only when message from specific device is received. Or you may display all messages on screen and log
[Link Down] and [Link Up] messages.
In the Trap Filter dialog you may define one or more conditions to filter some specific events. Message passes the
filter only when it matches ALL specified requirements:
SNMP device
Match against the source device - device that have sent message. You can provide list of IP addresses and choose one of the following options:
| Any | messages from any device will be accepted |
| Any from the following | messages only from specified devices will be accepted |
| Any except the following | messages from any devices except specified will be accepted |
List editing tips
To add new items to the end of the list go to the last existing line and press Down Arrow key.
Press INSERT key to insert new item.
Press CTRL+DEL to remove item.
Press F2 to edit item.
Trap type (generic)
Match against the generic type of the trap:
| Any | select this option to accept messages of any type. |
| Any from the following |
if you want to accept just some type of messages, select this option and mark one or several possible event
types: Cold Start, Warm Start, Link Down, Link Up, Authentication Failure, EGP Neighbor Loss, Enterprise Specific
- Сold Start - the sender is reinitializing and its configuration may change
- Warm Start - the sender is reinitializing but its configuration will not change
- Link Down - failure in one of the agent's links
- Link Up - one of the agent's links has come up
- Authentication Failure - the agent received a protocol message improperly authenticated
- EGP Neighbor Loss - an Exterior Gateway Protocol neighbor is down
- Enterprise Specific - the trap is identified as not being one of the basic traps
|
Trap type (specific)
You can provide list of enterprise specific codes (numbers) and choose one of the following options:
| Any | accept messages of any type |
| Any from the following | accept only messages that have one of the specified enterprise specific types |
| Any except the following | accept messages with any enterprise specific type except those that are specified in the list |
List editing tips
To add new items to the end of the list go to the last existing line and press Down Arrow key.
Press INSERT key to insert new item.
Press CTRL+DEL to remove item.
Press F2 to edit item.
Enterprise
Enterprise field of the trap contains an OBJECT IDENTIFIER, which names the device that sends the trap. Here you may provide list of OIDs and choose one of the following options:
| Any | do not check Enteprise field of the traps |
| Any from the following | accept only messages from listed devices. |
| Any except the following accept | all messages except from the devices on the list |
Message contains OID
This option allows you to check incoming trap messages for some specific variable and
compare its value to some constant (string or numeric)
compare current value of the variable with previous value of this variable
Just provide OID (OBJECT IDENTIFIER) of the variable and choose one of the following compare conditions:
| is < than | message fits the condition when value of the variable is less than specified number |
| is > than | message fits the condition when value of the variable is greater than specified number |
| is = to | message fits the condition when value of the variable is equal to specified number or string |
| is <> from | message fits the condition when value of the variable is not equal to specified number or string |
| contains | message fits the condition when value of the variable contains specified string |
| does not contain | message fits the condition when value of the variable does not contain specified string |
| Also Trap Watcher has 9 conditions that allows you to check how new value had changed versus its previous value: |
| increases by | trap message fits the condition when new value is greater then the old one by specified number or more |
| decreases by | message fits the condition when new value is less then old one by specified number or more |
| changes by | message fits the condition when absolute difference between new and old value is equal or greater then specified number |
| increases by (%) | message fits the condition when new value had increased by specified (or greater) percentage versus the old one |
| decreases by (%) | message fits the condition when new value had decreased by specified (or greater) percentage versus the old one |
| changes by (%) | message fits the condition when an absolute difference between new and old values measured as a percentage of an old value is equal or greater then specified percentage number |
| increases /sec | message fits the condition when average increase of the counter (per second) is greater than the specified limit ((current value - old value)/elapsed time >= specified limit) |
| decreases /sec | message fits the condition when average decrease of the counter (per second) is greater than the specified limit ((old value - current value)/elapsed time >= specified limit) |
| changes /sec | message fits the condition when average absolute difference (change) of the counter (per second) is greater than the specified limit (abs(current value - old value)/elapsed time >= specified limit) |
If you use relative compare modes (increases by, changes by, decreases by (%), increases /sec, etc)
and various network sources can send the same variable, you should restrict the filter to accept SNMP Trap
messages from a single source only. Otherwise IP-Tools could compare messages received from different sources
(that usually does not make any sense).
|
|
Scan List |
Здесь вы можете задать список адресов которые будут использовать сканеры
(NB Scanner, SNMP Scanner, Name Scanner, Port Scanner, UDP Scanner, Ping Scanner, LookUp) при
включенной опции "From List". Кроме IP адресов вы можете задать диапазон
адресов (через символ '-') а также имена хостов.
Пример :
;-----------------------------------------------------------------
199.66.10.12
133.65.12.250 - 133.65.13.17
200.32.12.188 - 200.32.12.95 ; текст после ';' игнорируется
200.32.12.122 - 200.32.12.25
199.66.10.12
www.chat.ru ; для отдельного компьютера Вы можете указать его имя
www.garris.com - www.yahoo.com ; - ошибочная строка !
199.66.10.15
;-----------------------------------------------------------------
|
