Augur^®-TS
TrapStation

TrapStation logs and forwards SNMP traps, usually to distributed management systems. You can selectively route traps, translate any SNMP version, filter, correlate events, apply thresholds, and modify varbinds. Then view graphs, search logs, and replay traps. TrapStation is a modern design, backed by decades of event-handling experience.

Modernize

TrapStation was designed to leapfrog legacy forwarders: TrapEXPLODER^®, TrapBlaster^TM, LooperNG, etc. Enjoy SNMP v3 encryption/security, trap modification, search/replay, a browser interface, and full support.

Tree-based Rules

TrapStation maps incoming traps to your rule tree nodes. Each node has a filter to test traps, and options to log and forward matching traps. Nested tiers form progressively specific tests, which reduces the complexity of individual rule nodes. Nesting ensures that a partially-matched trap falls into a fail-safe rule node. And in general, TrapStation's tree-based rules promote a logical organization that is safer to maintain over time.

Your Traps, Categorized

TrapStation's rule tree is a visual categorization of your traps. So rule pathnames are perfect buckets for statistics. Each trap's rule pathname is also stored in trap logs, so you can filter on it when using the search tool.

Search Tool

Your logs can accumulate millions or billions of traps. TrapStation helps you find the ones you need, with multiple layers of filters. You can browse or save results, and replay them to one of your targets for testing. You can filter the live stream too, collecting real-time results to browse/save/replay.

Trap Forwarding

You choose forwarding target(s) at each rule tree node. So to route some traps differently, just match them at a different node, then apply different targets. Targets are typically your SNMP managers, and sometimes log files. TrapStation's target plug-ins support special needs, for example: a "round-robin" load balancer; a direct integration to your database, Kafka, Splunk^®, etc. Do you need to convert v3 traps to v2 for feeding a legacy system, and simultaneously convert all v1/v2 traps to v3 for a secure external target? No problem.

NMS-Like Tools

Although TrapStation is not intended to replace your network management system, it includes validation options at each rule tree node. You don't have to use them, but they are available to help you significantly reduce forwarding of unwanted, spurious, redundant, and "flapping" traps to your NMS.

• TrapStation's rule engine correlates traps that you define as an alert or clear.
• Those alert and clear traps are automatically de-duplicated too.
• Prioritization can suppress traps you define as lower-priority alerts when a higher-priority alert state already exists.
• Thresholds can suppress traps until they reach your critical rates, (e.g. ">10 per hour").

For Advanced Users

TrapStation's rule tree nodes are powered by a JavaScript^® engine that has been enhanced for trap-handling. You can perform calculations, query trap fields, manipulate varbinds, and more, while using the well-known JavaScript syntax. Your work can be spread across script engines, for true multi-threaded scaling. Also, a Java^TM virtual machine is integrated with the JavaScript engine, so your rules can access external systems via Java's vast APIs.

Beyond Traps

Other event streams can be handled by your rule tree too: syslog, webhook, alarms, etc. Parser plug-ins make a protocol's event fields available to your rule scripts. For example, the syslog parser plug-in helps you reliably access each log's fields, and other parsers decode the fields of binary protocols. Formatter plug-ins help you reshape logs and forwarded events. For example, sensitive information can be stripped, looked-up data can be added, and the entire syntax can be changed, e.g. to JSON. And of course TrapStation can convert any event to an SNMP trap, then forward/log just like all your native traps.

DevOps-Friendly

Installation is just a tar file, with no dependencies. Next, TrapStation's rule tree compartmentalizes your custom logic to limit your scope of work, and potential problems. The GUI has pre-deployment testing tools, and provides one-click deployment without downtime. Both live and historical reporting provides operational feedback. So time to code/test/deploy meets DevOps' speedy expectations.

Enterprise

TrapStation addresses the special concerns of large companies: redundancy, security/encryption, and centralized authentication/authorization:

• High-availability: split-second mode switching when HA peer connection lost/restored
• Encryption: SNMP v3, HTTPS browser-based GUI, and sensitive configuration files
• Authentication/Authorization: Single Sign-On (SSO via SAML), LDAP, or TACACS+
• Integrations: Apache Kafka, Splunk, etc.

Speeding Through Trap Storms

Bursts of trap traffic (thousands per second) are safely handled by TrapStation, and real-world throughput is engineered for the busiest network conditions: millions of traps per hour. Logs are optimized for speedy search results too.

Requirements

Client: Any modern web browser
Server*:

• Linux (Any distro with kernel v4.18+, e.g. RHEL8+. Unix/MacOS/Windows can be supported if needed.)
• 4 CPUs/cores @ 3 GHz
• 2 GB RAM
• 200 GB storage (mostly for logs)

* Amounts for the TrapStation process. Other processes on your machine may require additional resources.

Demo

Please request a web meeting, for a few slides and a live demo. A free trial is available too.

More

Thanks for exploring TrapStation. Also consider its various use cases. Or see what customers are saying.