Verifying your install

Here we assume that you already have ALEC deployed using either the monolithic or distributed deployments.

Testing syslog message handling

Here we work to verify that syslog messages are being properly converted to alarms and show that we can create a situation from multiple alarms.

Let’s start by provisioning a node for the localhost in OpenNMS:

$OPENNMS_HOME/bin/provision.pl requisition add alec
$OPENNMS_HOME/bin/provision.pl node add alec localhost localhost
$OPENNMS_HOME/bin/provision.pl interface add alec localhost 127.0.0.1
$OPENNMS_HOME/bin/provision.pl requisition import alec
We assume that the localhost is running an SNMP agent.

Now, let’s set the ifDescr for an interface on the node we just provisioned.

export IFDESCR="eth0"

Now trigger a Syslog message:

echo "<189>: $(date +"%Y %b %d %H:%m:%S %Z"): %ETHPORT-5-IF_DOWN_LINK_FAILURE: Interface $IFDESCR is down (Link failure)" | nc -v -u 127.0.0.1 10514

We expect to see a new "interface down" alarm attached to the node we just provisioned:

Interface down alarm
If the Syslog message is not being recognized and bring formatted to a proper event & alarm, ensure that the opennms-alec-plugin feature is running in OpenNMS and that the related bundles are active.

We can now trigger a second alarm against this same interface using:

echo "<189>: $(date +"%Y %b %d %H:%m:%S %Z"): %PKT_INFRA-LINEPROTO-5-UPDOWN: Line protocol on Interface $IFDESCR, changed state to Down" | nc -v -u 127.0.0.1 10514

If both of these alarms are triggered together in a small enough window of time (within 1 minute for the purposes of this example), a situation should be automatically created:

Situation

Congratulations you have correlated your first two alarms!

Viewing the ALEC graph

At any point in time, you can export the ALEC graph to view the inventory and alarms in context.

We can export the ALEC graph from a Karaf shell using:

opennms-alec:export-graph dbscan /tmp/dbscan.graph.xml
If ALEC is running on Sentinel, make sure to run this from the Sentinel shell.

Import the graph into OpenNMS using:

curl -X POST -H "Content-Type: application/xml" -u admin:admin -d@/tmp/dbscan.graph.xml 'http://localhost:8980/opennms/rest/graphml/alec'
If you get an error saying that a "Graph with name alec already exists", you can delete the previous graph using: curl -X DELETE -u admin:admin 'http://localhost:8980/opennms/rest/graphml/alec' and try again.

Next, navigate to the topology map, and view the graph named "alec". The resulting graph from the previous example looks like:

Topology