Event Description: {0}
Dell iDRAC User Tracking Trap alert
The Dell iDRAC generated a User Tracking trap alert. Probable causes and corresponding resolutions for this condition are:
Cause | Resolutions |
Login attempt alert for <username> from <IP Address> using <interface name>, IP will be blocked for <seconds> seconds. | Contact the iDRAC administrator and make sure the username and password credentials used are correct. Check the Lifecycle Controller Log (LC Log) to see if more unauthorized iDRAC access attempts are occurring than would be expected due to forgotten account names or passwords. |
The Front Panel USB Port Over Current is detected for the attached device on Disk.USBFront. <port number>. | Reinsert the USB device in the Front Panel USB Port and retry the operation. If the issue persists, use a different USB device. |
Launch DRAC Console and troubleshoot further.
Target | Dell.RemoteAccess.iDRAC7 | ||
Category | AvailabilityHealth | ||
Enabled | True | ||
Alert Generate | True | ||
Alert Severity | Warning | ||
Alert Priority | Normal | ||
Remotable | True | ||
Alert Message |
|
ID | Module Type | TypeId | RunAs |
---|---|---|---|
DS | DataSource | System.NetworkManagement.SnmpTrapEventProvider | Default |
Alert | WriteAction | System.Health.GenerateAlert | Default |
<Rule ID="Dell.iDRAC7.SNMPTrap.8490" Enabled="true" Target="DAD!Dell.RemoteAccess.iDRAC7" ConfirmDelivery="false" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>AvailabilityHealth</Category>
<DataSources>
<DataSource ID="DS" TypeID="Node!System.NetworkManagement.SnmpTrapEventProvider">
<IP>$Target/Property[Type="DAD!Dell.RemoteAccess.RAC"]/IPAddress$</IP>
<OIDProps>
<OIDProp>.1.3.6.1.4.1.674.10892.5.3.2.4.0.8490</OIDProp>
</OIDProps>
<EventOriginId>$Target/Id$</EventOriginId>
<PublisherId>$Target/Id$</PublisherId>
<PublisherName>iDRAC</PublisherName>
<Channel>SnmpEvent</Channel>
<LoggingComputer/>
<EventNumber>8490</EventNumber>
<EventCategory>5</EventCategory>
<EventLevel>10</EventLevel>
<UserName/>
<Params/>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="Alert" TypeID="SystemHealth!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>1</Severity>
<AlertName/>
<AlertDescription/>
<AlertOwner/>
<AlertMessageId>$MPElement[Name="Dell.iDRAC7.SNMPTrap.8490.Rule"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>$Data/EventData/DataItem/SnmpVarBinds/SnmpVarBind[4]/Value$</AlertParameter1>
</AlertParameters>
<Suppression>
<SuppressionValue>$Data/EventDisplayNumber$</SuppressionValue>
<SuppressionValue>$Data/Channel$</SuppressionValue>
<SuppressionValue>$Data/PublisherName$</SuppressionValue>
<SuppressionValue>$Data/LoggingComputer$</SuppressionValue>
<SuppressionValue>$Data/EventCategory$</SuppressionValue>
<SuppressionValue>$Data/EventLevel$</SuppressionValue>
<SuppressionValue>$Data/UserName$</SuppressionValue>
<SuppressionValue>$Data/EventNumber$</SuppressionValue>
<SuppressionValue>$Data/EventData/DataItem/SnmpVarBinds/SnmpVarBind[3]/Value$</SuppressionValue>
<SuppressionValue>$Data/EventData/DataItem/SnmpVarBinds/SnmpVarBind[4]/Value$</SuppressionValue>
<SuppressionValue>$Data/EventData/DataItem/SnmpVarBinds/SnmpVarBind[6]/Value$</SuppressionValue>
<SuppressionValue>$Data/EventData/DataItem/SnmpVarBinds/SnmpVarBind[8]/Value$</SuppressionValue>
</Suppression>
<Custom1>Alert Message ID = $Data/EventData/DataItem/SnmpVarBinds/SnmpVarBind[3]/Value$ </Custom1>
<Custom2>Alert Message = $Data/EventData/DataItem/SnmpVarBinds/SnmpVarBind[4]/Value$ </Custom2>
<Custom3>Alert Status = $Data/EventData/DataItem/SnmpVarBinds/SnmpVarBind[5]/Value$ </Custom3>
<Custom4>Alert Service Tag = $Data/EventData/DataItem/SnmpVarBinds/SnmpVarBind[6]/Value$ </Custom4>
<Custom5>Alert FQDN = $Data/EventData/DataItem/SnmpVarBinds/SnmpVarBind[7]/Value$ </Custom5>
<Custom6>Alert FQDD = $Data/EventData/DataItem/SnmpVarBinds/SnmpVarBind[8]/Value$ </Custom6>
<Custom7/>
<Custom8/>
<Custom9/>
<Custom10/>
</WriteAction>
</WriteActions>
</Rule>