I'm wanting to set up PRTG to create a ticket from each received SNMP trap, so that the investigation and resolution of these events can be tracked end-to-end. I am using the 'Ticket Notification' Notification Template, which is creating a ticket using the trigger:
Volume Trigger - When Messages channel has reached 1 per Hour, perform Ticket Notification
This creates one ticket for any messages received in that minute. There are a few problems with this, though:
1. The ticket doesn't include any information on the SNMP traps that generated the ticket (the %trapmessages placeholder is only available for notification via email, not ticket notification).
2. If there are multiple traps that come through at the same time, only one ticket is generated. This causes issues if, for example, one event is investigated by one team and another event by a different team.
Is there a way of getting PRTG to create a ticket every time a SNMP message is received?
The problems your are experiencing are due to the way our SNMP Trap Receiver Sensor is built. Its designed to "sum up" the received traps and therefore does not distinguish between specific traps when doing notifications.
You could use multiple "SNMP Trap Receiver Sensors" and use filters to show only specific Traps in the different sensors. But be aware that a network-device normally can send traps to only one destination (Trap Receiver). So you could create one Trap Receiver for your Firewalls, one for your Routers and one for your Switches.
Unfortunately, you can not include the trap information in Ticket Notifications. At the moment, the only option is to stick with email notifcations and unsing the "%trapmessages placeholder".
Kind regards,
Matthias Kupfer - Team Tech Support
Apr, 2020 - Permalink