Mid Level Manager MIB and SNMP Script Language David Levi SNMP Research levi@snmp.com ======== History o Language designed for XNETMON ~late 1992 o Customers requested language without GUI ~mid 1993 Created Mid-Level Manager o Customers requested a GUI to help configure MLM ~early 1994 Created Mid-Level Manager config tool ======== Goals o Ease burden of management stations o Reduce/localize network traffic o Expand domain of manageable devices o Automatic corrective behaviors ======== Architecture _________________________________________ | ________ Other | | ____ ____ | MLM | ____ Mgmt | | | || | | config | | | Apps | | | || | | tool | | | ----- | NMS | |____||____| |________| |____| | | \ \ | / | | \ \ ______|______ / | | \____| Brass |/ | | | Server | | | |_____________| | |___________________|_____________________| | ___________________|_____________________ | ________________ | | | Emanate | | | | Master | | | | Agent | | | Other |________________| | | Subagents / | \ | | ____ / | \ ____ | MLM | | |__/ _____|____ \___| | | | | | | | | | | | |____| | | |____| | | |---MLM----| | | ____ | | ____ | | | | |__________| | | | | | | | | | | | |____| _____|____ |____| | | \ | Brass | / Other | | \____| Server |____/ Mgmt | | |__________| Apps | |___________________|_____________________| / / | \ \ / / | \ \ / | | | \ __ __ __ __ __ || || || || || -- -- -- -- -- Agents ======== Architecture _____________ | Master | | Agent | |_____________| | | __________________|____________________ | Emanate SADK Library | |_______________________________________| | MLM MIB | _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ | Script Engine Library | |_______________________________________| | Brass MADK Library | |_______________________________________| | | ______|______ | Brass | | Server | |_____________| ======== MLM MIB 3 Tables: o mlmScriptTable o mlmCompileTable o mlmResultTable mlmScriptTable used to upload/download Scripts between the MLM and manager, e.g., the MLM config tool Scripts are stored as Octet Strings ======== mlmCompileTable used for configuring and running scripts o can contain filename of script or pointer to mlmScriptTable o can specify arguments to pass to a script o can specify frequency to run script periodically o can command script to be run once ======== mlmResultTable used to make result of running script available in MIB variables o Scripts return varbind lists o result table contains encoding of varbind lists: mlmResultOID mlmResultType mlmIntegerValue mlmOctetStringValue etc. . . . [blech] ======== Script Language o All variables are varbind lists o Basic control structures (if, while) o Various logical/mathematical operators o Language can be extended by registering C functions with script library o Scripts run asynchronously ======== Basic Script Capabilities o SNMP operations (get, set, etc.) result assigned to script variable o Send trap or M2M inform request o Log data to a file o Fork, call, or jump to another script o Launch another application ======== Experience Have written many MLM applications, for example: o Intruder detection script - uses RMON to capture source addr of packet - script checks if packets are from a "trusted" device - if not, script issues a warning (should be a set request, send e-mail, etc.) o Audio counter-attack script - monitors audio MIB for noise level - if level is above threshold, turn on UPS with set - if level stays above threshold, do set to play back the noise o M2M-like scripts - retrieves several MIB variables, possibly from several agents - combines the variables using a mathematical expression - if a threshold is crossed, send an inform request ======== Future Directions o MLM MIB Separate mlmCompileTable into an "available scripts" table and a "script execution" table o Explore alternative means for NMS applications to get results from MLM o Define useful extensions to script language o Harmonization between script language and SNMP-TCL