Team,
I am having a hard time figuring out a solution that would work for this without involving a personal server. I have a Qradar syslog server. I want it to send an alert via snmp to NCM every time an IP at my edge router scans our network. I then want a job to run using the parsed IP address from the alert to deny it on the edge ACL.
I found this on setting up snmp traps but am not sure how to take that info and assign it to an variable that NCM uses when running the job (and then setting the job to run).
SNMP Trap Variable Bindings
Any help is greatly appreciated.
Orion Platform 2015.1.2, NCM 7.3.2, NPM 11.5.2, IVIM 2.1.0, QoE 2.0, NTA 4.1.0
