Tim,
Can't remember where I originally found this, but:
"This trap is sent from a RealSecure engine whenever a medium priority
event is encountered that the RealSecure engine is configured to send
traps for. The details of the event are contained in the trap."
Variables:
1: eventEntryName25
Syntax="Display String"
Descr="The name of the decode/event for this trap."
2: eventEntryTime25
Syntax="Display String"
Descr="The time the event was discovered relative to the RealSecure
engine."
3: eventEntryProtocol25
Syntax="Display String"
Descr="Protocol type for this event."
4: eventEntrySourceIpAddress25
Syntax="Display String"
Descr="Source Ip Address"
5: eventEntryDestinationIpAddress25
Syntax="Display String"
Descr="Destination Ip Address"
6: eventEntryIcmpType25
Syntax="Display String"
Descr="ICMP Type"
7: eventEntryIcmpCode25
Syntax="Display String"
Descr="ICMP Code"
8: eventEntrySourcePort25
Syntax="Display String"
Descr="Source Port"
9: eventEntryDestinationPort25
Syntax="Display String"
Descr="Destination Port"
10: eventEntryUserActionList25
Syntax="Display String"
Descr="A string which indicates what actions are configured for
this event.
Currently available actions:
KILL (Kill Session - ends a tcp-based session)
VIEW_SESS (Send Stream to Console for View Session)
EMAIL (Send an e-mail message to a configured email account)
LOG_RAW (Record stream data for later analysis or viewing)
DISPLAY (Send event to console)
LOG_DB (Record the event to database)
FIREWALL (Send message to lock firewall)
SNMP_TRAP (Send SNMP Trap to configured SNMP manager)
USER_SPECIFIED1 (User Specified 1 - launch a program as configured per
engine setup)
USER_SPECIFIED2 (User Specified 2)
USER_SPECIFIED3 (User Specified 3)
USER_SPECIFIED4 (User Specified 4)"
11: eventEntryEventSpecificInfo25
Syntax="Display String"
Descr="This variable contains a listing of other variables:values
which are specific to the given event."
Chers,
Robert
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Tim Beatty
Sent: 09 June 2005 14:11
To: [email protected]
Subject: [ISSForum] SNMP Trap breakdown
Could someone please provide a breakdown of the fields contained in
Proventia's SNMP traps?
Thank you!
Tim Beatty
_______________________________________________
ISSForum mailing list
[email protected]
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum
To contact the ISSForum Moderator, send email to [EMAIL PROTECTED]
The ISSForum mailing list is hosted and managed by Internet Security
Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
_______________________________________________
ISSForum mailing list
[email protected]
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum
To contact the ISSForum Moderator, send email to [EMAIL PROTECTED]
The ISSForum mailing list is hosted and managed by Internet Security Systems,
6303 Barfield Road, Atlanta, Georgia, USA 30328.
