Forum Discussion
This is generally not something you will be able to do from LM directly, though there is the BRIDGE-MIB you could scan for unexpected BPDU reception (bear in mind the BRIDGE-MIB is not directly VLAN-aware and you must use indexes or contexts to select VLANs other than VLAN 1).
The way you would normally protect the network depends on the platform, but the general solution is to set all edge ports to edge mode (sometimes manual, for example Cisco with spanning-tree portfast and similar, sometimes automatic, for example ProCurve auto-edge detection). You then ensure any port receiving a BPDU that is on an edge port (how loops happen) either converts back to normal mode (for auto-edge) or shuts down (bpduguard).
The trick for Cisco bpduguard is there is no MIB to tell you this happened, but you can see from ‘show interface status err-disabled’. We wrote an eventsource to detect err-disabled ports via the CLI using SSH. It works well, but because the eventsource system in LM is so horrible you get inundated with repeated alerts you cannot ACK (though the system pretends you can). As long as you know that, you can work around it using SDT.
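An added example, not part of the original post and not the poster's eventsource: a sketch of the CLI-based check described above, which parses the err-disabled listing and reports only ports that newly entered or left the bpduguard state between polls, so a port that stays down is not reported again. The sample output, column layout, port names and function names are constructed assumptions, and collecting the output over SSH is left out.

```python
import re

# Constructed sample CLI output for two consecutive polls (assumed column layout).
SAMPLE_POLL_1 = """\
Port      Name               Status       Reason               Err-disabled Vlans
Gi1/0/5   user-desk-12       err-disabled bpduguard
Gi1/0/9                      err-disabled link-flap
"""
SAMPLE_POLL_2 = """\
Port      Name               Status       Reason               Err-disabled Vlans
Gi1/0/5   user-desk-12       err-disabled bpduguard
Gi1/0/17                     err-disabled bpduguard
"""

# Port, optional free-text name, literal status, then the reason token.
ROW = re.compile(r"^(?P<port>\S+)\s+(?P<name>.*?)\s*err-disabled\s+(?P<reason>\S+)")


def parse_err_disabled(output):
    """Return {port: reason} for every err-disabled row in the CLI output."""
    ports = {}
    for line in output.splitlines():
        m = ROW.match(line)
        if m:  # the header row does not match (its status column reads "Status")
            ports[m.group("port")] = m.group("reason")
    return ports


def diff_polls(previous, current, reason="bpduguard"):
    """Compare two polls and classify ports disabled for `reason`.

    Only "new" and "cleared" are worth raising; "unchanged" ports were
    already reported on an earlier poll.
    """
    prev = {p for p, r in previous.items() if r == reason}
    cur = {p for p, r in current.items() if r == reason}
    return {
        "new": sorted(cur - prev),
        "cleared": sorted(prev - cur),
        "unchanged": sorted(cur & prev),
    }


if __name__ == "__main__":
    first = parse_err_disabled(SAMPLE_POLL_1)
    second = parse_err_disabled(SAMPLE_POLL_2)
    print(diff_polls({}, first))
    print(diff_polls(first, second))
```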