-
Type:
Enhancement
-
Status: Resolved (View Workflow)
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 23.0.1, Meridian-2018.1.3
-
Fix Version/s: 23.0.2, Meridian-2018.1.4
-
Component/s: None
-
Security Level: Default (Default Security Scheme)
-
Labels:None
Some EIF event sources use a different version of the protocol, which is incompatible with OpenNMS's current parser.
One such source was observed to have a 36-byte offset from <START>> to the beginning of the event, instead of the 37 bytes that OpenNMS currently expects.
The header doesn't contain any versioning information, but the 36-byte offset messages can be identified by comparing two, two-byte values for equality:
37 bytes of header <START>>[22 null bytes] [2 byte identifier] [3 null bytes] 0x04 0x03 [message] 0x0a 0x01 0000 00 00 00 01 00 06 40 55 39 21 17 43 00 00 08 00 ......@U9!.C.... 0010 45 00 00 5c 1b 04 00 00 3b 06 e4 20 0a 01 63 3f E..\....;.ä ..c? 0020 0a 01 09 37 f6 a1 07 24 2e 20 e5 dd 76 e8 b9 62 ...7ö¡.$. åÝvè¹b 0030 80 18 7f f9 fd fe 00 00 01 01 08 0a 63 59 9f 29 ...ùýþ......cY.) 0040 25 8b 93 1f 3c 53 54 41 52 54 3e 3e 00 00 00 00 %...<START>>.... 0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0060 00 00 02 1f 00 00 00 04 03 49 54 4d .........ITM 36 bytes of header <START>>[22 null bytes] [2 byte identifier] [2 null bytes] [2 byte identifier] [message] 0x0a 0x01 0000 00 00 00 01 00 06 02 23 e9 a0 7a 04 00 00 08 00 .......#é z..... 0010 45 00 02 16 8b 6a 00 00 3f 06 7e 31 0a 01 ec 37 E....j..?.~1..ì7 0020 0a 02 70 0c fd 5f 07 24 b9 e6 a1 a3 af 2f 66 c5 ..p.ý_.$¹æ¡£¯/fÅ 0030 80 18 80 00 ed 0d 00 00 01 01 08 0a 5b 06 10 47 ....í.......[..G 0040 c4 34 6c 7f 3c 53 54 41 52 54 3e 3e 00 00 00 00 Ä4l.<START>>.... 0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0060 00 00 01 be 00 00 01 be 4d 61 69 6e 66 72 61 6d ...¾...¾Mainfram
Update the EIF adapter so it can handle both versions of the EIF protocol.