Hi All,
From past 2 days m seeing below event being reported... I have discarded the traps coming in huge number from the IP but not sure if i need to do something else...
We see some of the same when our security scanners scan the syslog endpoint, so perhaps that's the same for you.
if it's always the same IP it should be easy to figure out what that server / device is running.
I have just asked my Network Team to check on the traps being sent...seems like auth failures being sent...
