CHAPTER 3 SNMP Trap Events (Notifications)
MSBR | SNMP Alarms
This section describes the device's SNMP trap events (logs).
These traps are sent with the severity varbind value of 'Indeterminate'. They do not send 'Clear', and they do not appear in the Alarm History table or the Active Alarm table. The only log trap that does send 'Clear' is acPerformanceMonitoringThresholdCrossing.
Intrusion Detection System (IDS)
This section describes the trap events concerned with the Intrusion Detection System (IDS)
feature.
IDS Threshold Cross Notification Trap
Table 3-1: acIDSThresholdCrossNotification

Event              acIDSThresholdCrossNotification
OID                1.3.6.1.4.1.5003.9.10.1.21.2.0.100
Description        The trap is sent for each scope (IP or IP+Port) crossing a threshold of an active alarm.
Default Severity
Event Type         Other
Probable Cause
Alarm Text         Threshold crossed for scope value IP. Severity=minor/major/critical. Current value=NUM
Status Changes
Corrective Action  1. Identify the remote host (IP address / port) on the network that the Intrusion Detection System (IDS) has indicated as malicious. The IDS determines a host to be malicious if it has reached or exceeded a user-defined threshold of malicious attacks (counter).
                   2. Block the malicious activity.
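The following is an added example, not code from the original document or from the device vendor: a Python sketch that supports the corrective action by parsing the Alarm Text of acIDSThresholdCrossNotification and listing the scopes that warrant blocking. Because the severity varbind is always 'Indeterminate' for these traps, it reads the severity from the alarm text. It assumes a trap receiver has already decoded each trap into a (trap OID, alarm text) pair and that an IP+Port scope is rendered as "IP:port"; the function names and the sample input are constructed for illustration.

```python
import ipaddress
import re

IDS_OID = "1.3.6.1.4.1.5003.9.10.1.21.2.0.100"  # trap OID from Table 3-1
RANK = {"minor": 1, "major": 2, "critical": 3}
# Alarm Text template from Table 3-1. Assumption: an IP+Port scope reads "IP:port".
ALARM_RE = re.compile(
    r"Threshold crossed for scope value (?P<scope>\S+?)\.\s*"
    r"Severity=(?P<sev>minor|major|critical)\.\s*Current value=(?P<num>\d+)",
    re.IGNORECASE)

def parse_ids_trap(trap_oid, alarm_text):
    """Return the parsed event, or None for other traps and malformed text."""
    m = ALARM_RE.search(alarm_text)
    if trap_oid.lstrip(".") != IDS_OID or m is None:
        return None
    scope, port = m.group("scope"), None
    try:
        ip = ipaddress.ip_address(scope)
    except ValueError:
        host, _, port_s = scope.rpartition(":")
        try:
            ip, port = ipaddress.ip_address(host.strip("[]")), int(port_s)
        except ValueError:
            return None  # never derive a block rule from an unparsable scope
        if not 0 < port <= 65535:
            return None
    return {"ip": str(ip), "port": port,
            "severity": m.group("sev").lower(), "count": int(m.group("num"))}

def block_candidates(traps, min_severity="major"):
    """Map (ip, port) to the worst severity seen at or above min_severity."""
    worst = {}
    for oid, text in traps:
        ev = parse_ids_trap(oid, text)
        if ev is None or RANK[ev["severity"]] < RANK[min_severity]:
            continue
        key = (ev["ip"], ev["port"])
        if RANK[ev["severity"]] > RANK.get(worst.get(key), 0):
            worst[key] = ev["severity"]
    return worst

# Constructed sample input: (trap OID, alarm text) pairs from a trap receiver.
PREFIX = "Threshold crossed for scope value "
SAMPLE = [
    (IDS_OID, PREFIX + "203.0.113.7. Severity=minor. Current value=12"),
    (IDS_OID, PREFIX + "203.0.113.7. Severity=critical. Current value=57"),
    (IDS_OID, PREFIX + "198.51.100.9:5060. Severity=major. Current value=30"),
    (IDS_OID, PREFIX + "not-an-ip. Severity=major. Current value=3"),
]
```

Scopes that fail address validation are dropped rather than passed on, so a malformed or spoofed alarm string cannot end up in a firewall rule.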