CHAPTER 7 SNMP Traps
Mediant 800 SBC | SNMP Reference Guide
Alarm: acIDSPolicyAlarm
Default Severity: -
Event Type: Other
Probable Cause:
Alarm Text: "<Severity> (enum severity) cross. Policy: <Name> (<Index>), Rule: <Name>, Last event: <Name>, Source: <IP Address:portprotocol>, SIP Interface: <Name> (<Index>)"
For example:
"Major threshold (3) cross. Policy: My Policy (3), Rule: Malformed messages, Last event: SIP parser error, Source: 10.33.5.111:62990udp, SIP Interface: SIPInterface_0 (0)."
Severity: Minor or Major (depending on crossed threshold)
Condition: Threshold of a specific IDS Policy rule is crossed.
Text: (see Alarm Text above)
Corrective Action:
1. Identify additional traps (acIDSThresholdCrossNotification) that were sent alongside this Intrusion Detection System (IDS) alarm.
2. Locate the remote hosts (IP addresses) that are specified in the traps.
3. Examine the behavior of those hosts (with regard to the reason specified in the alarm), and attempt to fix incorrect operation.
4. If necessary, change the configured thresholds in the IDS Rule table under the IDS Policy table.
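The alarm text has a fixed layout, so the remote hosts named in steps 2 and 3 can be extracted and grouped programmatically. The Python below is an added example, not AudioCodes code: it assumes the alarm text has already been pulled out of the received trap as a string, and the function names and the 192.0.2.10 samples are constructed for illustration.

```python
import re
from collections import Counter

# Follows the Alarm Text template above. "threshold" appears in the page's
# example but not in its template, so it is optional here.
ALARM_RE = re.compile(
    r"(?P<severity>\w+)(?: threshold)? \((?P<severity_enum>\d+)\) cross\. "
    r"Policy: (?P<policy>.+?) \((?P<policy_index>\d+)\), "
    r"Rule: (?P<rule>.+?), Last event: (?P<last_event>.+?), "
    r"Source: (?P<ip>\S+):(?P<port>\d+)(?P<proto>[A-Za-z]+), "
    r"SIP Interface: (?P<sip_interface>.+?) \((?P<sip_index>\d+)\)\.?$"
)

def parse_alarm(text):
    """Return the alarm fields as a dict, or None if the text does not match."""
    # Collapse line wraps and drop the surrounding quotes before matching.
    flat = " ".join(text.split()).strip('"')
    m = ALARM_RE.search(flat)
    if m is None:
        return None
    fields = m.groupdict()
    for key in ("severity_enum", "policy_index", "port", "sip_index"):
        fields[key] = int(fields[key])
    fields["proto"] = fields["proto"].lower()
    return fields

def hosts_by_rule(alarm_texts):
    """Count alarms per (source IP, rule); return unmatched texts separately."""
    counts, unparsed = Counter(), []
    for text in alarm_texts:
        fields = parse_alarm(text)
        if fields is None:
            unparsed.append(text)  # surface these instead of dropping them
        else:
            counts[(fields["ip"], fields["rule"])] += 1
    return counts, unparsed

# The alarm text example from this page, wrapped as it is printed there.
PAGE_EXAMPLE = ('"Major threshold (3) cross. Policy: My Policy (3), Rule: Malformed messages,\n'
                'Last event: SIP parser error, Source: 10.33.5.111:62990udp, SIP Interface:\n'
                'SIPInterface_0 (0)."')
# Constructed samples: same text with another source, and one unrelated line.
SAMPLE = [
    PAGE_EXAMPLE,
    PAGE_EXAMPLE.replace("10.33.5.111:62990udp", "192.0.2.10:5060tcp"),
    PAGE_EXAMPLE.replace("10.33.5.111:62990udp", "192.0.2.10:5061tcp")
                .replace(" threshold", ""),
    "Unrelated trap text (constructed)",
]
```

Calling hosts_by_rule(SAMPLE) returns the per-host counts together with the texts that did not match, so an unexpected alarm format shows up as unparsed input rather than a missing host.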
SNMP Event Traps (Notifications)
This subsection details traps (events) that are not alarms. These traps are sent with the
severity varbind value of ‘Indeterminate’. These traps don’t ‘Clear’ and they don’t appear in
the Alarm History table or Active table. The only log trap that does send 'Clear' is
acPerformanceMonitoringThresholdCrossing.