Viewpoint alert escalation to third party products like Splunk

Third Party Software
Enthusiast

Viewpoint alert escalation to third party products like Splunk

Currently we utilize Viewpoint alerts for monitoring of our Teradata systems.  Non-critical alerts are sent via email, and critical alerts are sent via SNMP traps to our central monitoring tool.

 

Over time, the majority of our system monitoring has been migrating to Splunk.  As a result it has come time that the SNMP infrastructure is being retired.  We need to find a solution for esclating our critical alerts from Viewpoint. Teradata has indicated that Viewpoint is not able to process alerts into flat files for pickup by Splunk, and Viewpoint is not able to write to the syslogd daemon for escalation.  These are 2 options that were proposed by our Splunk team.

 

Our corporate standard has become Splunk for monitoring.  I am soliciting input from the community on any experiences on how others have integrated a Teradata system with Splunk for monitoring.

 

Thanks in advance.

Tim

1 REPLY 1
Highlighted
Teradata Employee

Re: Viewpoint alert escalation to third party products like Splunk

At least two general approaches:

  • Have Viewpoint send SNMP traps to a server running a simple "listener" such as snmptrapd (Net-SNMP) which can write the information to a file that Splunk monitors, as explained in Splunk documentation.
  • Install the Teradata Notification Service on a Linux or Windows server, as explained in Teradata Viewpoint installation documentation, and have Viewpoint "run a program" on the notification server to supply the information to Splunk