Secure Computing IronMail 6.5.1 MIB.....
CT-SNMP-MIB DEFINITIONS ::= BEGIN
IMPORTS
OBJECT-TYPE, NOTIFICATION-TYPE, MODULE-IDENTITY,
Integer32, Opaque, enterprises, Gauge32
FROM SNMPv2-SMI
TEXTUAL-CONVENTION, DisplayString, TruthValue, MacAddress
FROM SNMPv2-TC
NOTIFICATION-GROUP, MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB
InetAddressType, InetAddress
FROM INET-ADDRESS-MIB
InterfaceIndex
FROM IF-MIB;
ciphertrust MODULE-IDENTITY
LAST-UPDATED "200402160000Z" -- 16th February 2004
ORGANIZATION "CipherTrust"
CONTACT-INFO
" postal: CipherTrust, Inc.
4800 North Point Parkway
Suite 400
Alpharetta, GA 30022
phone: +1 678-969-9399
email: support@ciphertrust.com"
DESCRIPTION "This file defines the CT SNMP MIB extensions."
REVISION "200402160000Z" -- 16th February 2004
DESCRIPTION "Added the following objects
snortIDS,
snortExp,
sidaSensorTable,
sidaSensorEntry,
sidaSensorID,
sidaSensorDescription,
sidaSensorVersion,
sidaSensorLocation,
sidaSensorAddressType,
sidaSensorAddress,
sidaSensorInterfaceIndex,
sidaSensorManufacturer,
sidaSensorProductName,
sidaSensorProductID,
sidaAlertTable,
sidaAlertEntry,
sidaAlertID,
sidaAlertTimeStamp,
sidaAlertActionsTaken,
sidaAlertMsg,
sidaAlertMoreInfo,
sidaAlertSrcAddressType,
sidaAlertSrcAddress,
sidaAlertDstAddressType,
sidaAlertDstAddress,
sidaAlertSrcPort,
sidaAlertDstPort,
sidaAlertStartTime,
sidaAlertOccurrences,
sidaAlertImpact,
sidaAlertSrcAddressList,
sidaAlertDstAddressList,
sidaAlertSrcPortList,
sidaAlertDstPortList,
sidaAlertScanDuration,
sidaAlertScannedHosts,
sidaAlertTCPScanCount,
sidaAlertUDPScanCount,
sidaAlertScanType,
sidaAlertEventStatus,
sidaAlertEventPriority,
sidaAlertSrcMacAddress,
sidaAlertDstMacAddress,
sidaAlertTypes,
sidaAlertGeneric,
sidaAlertScanStatus,
sidaConformance,
sidaGroups,
sidaCompliances,
sidaAlertCompliance,
sidaAlertGroup,
sidaNotificationGroup,
Added the following textual conventions
SidaInetAddrList,
SidaPortList
Added the following sequences
SidaSensorEntry,
SidaAlertEntry
"
REVISION "200108300000Z" -- 30th July 2001
DESCRIPTION "SMIv2 version converted from older MIB definitions.
"
::= { enterprises 7441 }
system OBJECT IDENTIFIER ::= { ciphertrust 1 }
services OBJECT IDENTIFIER ::= { ciphertrust 2 }
errors OBJECT IDENTIFIER ::= { ciphertrust 3 }
snortIDS OBJECT IDENTIFIER ::= { ciphertrust 4 }
-- The OBJECT IDENTIFIER for all Snort IDS MIBs
snortExp OBJECT IDENTIFIER ::= { ciphertrust 5 }
-- The OBJECT IDENTIFIER for all Snort experimental MIBs
message OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A message that is used for all errors"
::= { errors 1 }
heartbeat NOTIFICATION-TYPE
STATUS current
DESCRIPTION "HeartBeat Trap."
::= { system 1 }
smtpo-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTP Out UP Trap."
::= { services 301 }
smtpo-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTP Out DOWN Trap."
::= { services 302 }
smtpo-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTP Out ERROR Trap."
::= { services 303 }
smtpo-tls-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTP Out TLS Negotiation failure Trap."
::= { services 304 }
smtpo-tls-cert-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTP Out TLS Certificate verification failure Trap."
::= { services 305 }
smtpo-auth-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTP Out Certificate authentication failure Trap."
::= { services 306 }
smtpo-dns-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTP Out DNS Server ERROR Trap."
::= { services 307 }
smtpo-dsn-final NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTP Out Final DSN Intimation Trap."
::= { services 308 }
smtpo-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTP Out RESTART Trap."
::= { services 309 }
smtpo-swm-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SWM Delivery Failed."
::= { services 310 }
smtpproxy-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY UP Trap."
::= { services 211 }
smtpproxy-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY DOWN Trap."
::= { services 212 }
smtpproxy-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY ERROR Trap."
::= { services 213 }
smtpproxy-dos-attack NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY DOS Attack Trap."
::= { services 214 }
smtpproxy-tls-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY TLS Negotiation failure Trap."
::= { services 215 }
smtpproxy-rbl-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY RBL lookup failure Trap."
::= { services 216 }
smtpproxy-rdns-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY Reverse DNS lookup failure Trap."
::= { services 217 }
smtpproxy-relay-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY Relay Attempt Intimation Trap."
::= { services 218 }
smtpproxy-full-throttle NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY under Full Throttle Intimation Trap."
::= { services 219 }
smtpproxy-auth-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY Authentication failure Trap."
::= { services 2191 }
smtpproxy-esmtp-size-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY Message exceeds limit Trap."
::= { services 2192 }
smtpproxy-deny-list NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY DENY List Trap."
::= { services 2193 }
smtpproxy-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY RESTART Trap."
::= { services 2194 }
smtpproxy-ldap-profile-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPPROXY LDAP Profile Error Trap."
::= { services 2195 }
smtpsproxy-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY UP Trap."
::= { services 221 }
smtpsproxy-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY DOWN Trap."
::= { services 222 }
smtpsproxy-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY ERROR Trap."
::= { services 223 }
smtpsproxy-dos-attack NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY DOS Attack Trap."
::= { services 224 }
smtpsproxy-tls-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY TLS Negotiation failure Trap."
::= { services 225 }
smtpsproxy-rbl-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY RBL lookup failure Trap."
::= { services 226 }
smtpsproxy-rdns-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY Reverse DNS lookup failure Trap."
::= { services 227 }
smtpsproxy-relay-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY Relay Attempt Intimation Trap."
::= { services 228 }
smtpsproxy-full-throttle NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY under Full Throttle Intimation Trap."
::= { services 229 }
smtpsproxy-auth-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY Authentication failure Trap."
::= { services 2291 }
smtpsproxy-esmtp-size-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY Message exceeds limit Trap."
::= { services 2292 }
smtpsproxy-deny-list NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY DENY List Trap."
::= { services 2293 }
smtpsproxy-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY RESTART Trap."
::= { services 2294 }
smtpsproxy-ldap-profile-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPSPROXY LDAP Profile Error Trap."
::= { services 2295 }
pop3proxy-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "POP3PROXY UP Trap."
::= { services 411 }
pop3proxy-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "POP3PROXY DOWN Trap."
::= { services 412 }
pop3proxy-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "POP3PROXY ERROR Trap."
::= { services 413 }
pop3proxy-dos-attack NOTIFICATION-TYPE
STATUS current
DESCRIPTION "POP3PROXY DOS Attack Trap."
::= { services 414 }
pop3proxy-pass-crack NOTIFICATION-TYPE
STATUS current
DESCRIPTION "POP3PROXY Password cracking attempt Trap."
::= { services 415 }
pop3proxy-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "POP3PROXY RESTART Trap."
::= { services 416 }
pop3sproxy-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "POP3SPROXY UP Trap."
::= { services 421 }
pop3sproxy-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "POP3SPROXY DOWN Trap."
::= { services 422 }
pop3sproxy-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "POP3SPROXY ERROR Trap."
::= { services 423 }
pop3sproxy-dos-attack NOTIFICATION-TYPE
STATUS current
DESCRIPTION "POP3SPROXY DOS Attack Trap."
::= { services 424 }
pop3sproxy-pass-crack NOTIFICATION-TYPE
STATUS current
DESCRIPTION "POP3SPROXY Password cracking attempt Trap."
::= { services 425 }
pop3sproxy-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "POP3SPROXY RESTART Trap."
::= { services 426 }
imap4proxy-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IMAP4PROXY UP Trap."
::= { services 511 }
imap4proxy-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IMAP4PROXY DOWN Trap."
::= { services 512 }
imap4proxy-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IMAP4PROXY ERROR Trap."
::= { services 513 }
imap4proxy-dos-attack NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IMAP4PROXY DOS Attack Trap."
::= { services 514 }
imap4proxy-pass-crack NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IMAP4PROXY Password cracking attempt Trap."
::= { services 515 }
imap4proxy-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IMAP4PROXY RESTART Trap."
::= { services 516 }
imap4sproxy-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IMAP4SPROXY UP Trap."
::= { services 521 }
imap4sproxy-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IMAP4SPROXY DOWN Trap."
::= { services 522 }
imap4sproxy-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IMAP4SPROXY ERROR Trap."
::= { services 523 }
imap4sproxy-dos-attack NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IMAP4SPROXY DOS Attack Trap."
::= { services 524 }
imap4sproxy-pass-crack NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IMAP4SPROXY Password cracking attempt Trap."
::= { services 525 }
imap4sproxy-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IMAP4SPROXY RESTART Trap."
::= { services 526 }
httpd-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "HTTPD UP Trap."
::= { services 901 }
httpd-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "HTTPD DOWN Trap."
::= { services 902 }
httpd-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "HTTPD ERROR Trap."
::= { services 903 }
httpd-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "HTTPD RESTART Trap."
::= { services 904 }
tomcat-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "TOMCAT UP Trap."
::= { services 1001 }
tomcat-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "TOMCAT DOWN Trap."
::= { services 1002 }
tomcat-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "TOMCAT ERROR Trap."
::= { services 1003 }
tomcat-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "TOMCAT RESTART Trap."
::= { services 1004 }
cfq-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "CFQ UP Trap."
::= { services 2001 }
cfq-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "CFQ DOWN Trap."
::= { services 2002 }
cfq-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "CFQ ERROR Trap."
::= { services 2003 }
cfq-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "CFQ RESTART Trap."
::= { services 2004 }
avq-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "AVQ UP Trap."
::= { services 2101 }
avq-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "AVQ DOWN Trap."
::= { services 2102 }
avq-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "AVQ ERROR Trap."
::= { services 2103 }
avq-virus-found NOTIFICATION-TYPE
STATUS current
DESCRIPTION "AVQ Virus found Intimation Trap."
::= { services 2104 }
avq-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "AVQ RESTART Trap."
::= { services 2105 }
avq-update-success NOTIFICATION-TYPE
STATUS current
DESCRIPTION "AVQ Virus Update Completed Successfully."
::= { services 2106 }
avq-update-failed NOTIFICATION-TYPE
STATUS current
DESCRIPTION "AVQ Virus Update Failed."
::= { services 2107 }
avq-virus-cleaned NOTIFICATION-TYPE
STATUS current
DESCRIPTION "AVQ Virus cleaned Intimation Trap."
::= { services 2108 }
avq-file-encryption-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "AVQ Virus file encryption error Intimation Trap."
::= { services 2109 }
avq-sweep-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "AVQ Virus sweep error Intimation Trap."
::= { services 2110 }
avq-data-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "AVQ Virus data error."
::= { services 2111 }
ripq-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "RIPQ UP Trap."
::= { services 2301 }
ripq-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "RIPQ DOWN Trap."
::= { services 2302 }
ripq-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "RIPQ ERROR Trap."
::= { services 2303 }
ripq-mime-parse-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "RIPQ MIME Parsing failure Trap."
::= { services 2304 }
ripq-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "RIPQ RESTART Trap."
::= { services 2305 }
mmq-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "MMQ UP Trap."
::= { services 2201 }
mmq-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "MMQ DOWN Trap."
::= { services 2202 }
mmq-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "MMQ ERROR Trap."
::= { services 2203 }
mmq-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "MMQ RESTART Trap."
::= { services 2204 }
joinq-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "JOINQ UP Trap."
::= { services 2401 }
joinq-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "JOINQ DOWN Trap."
::= { services 2402 }
joinq-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "JOINQ ERROR Trap."
::= { services 2403 }
joinq-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "JOINQ RESTART Trap."
::= { services 2404 }
quarantineq-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "QUARANTINEQ UP Trap."
::= { services 2501 }
quarantineq-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "QUARANTINEQ DOWN Trap."
::= { services 2502 }
quarantineq-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "QUARANTINEQ ERROR Trap."
::= { services 2503 }
quarantineq-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "QUARANTINEQ RESTART Trap."
::= { services 2504 }
spamq-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SPAM UP Trap."
::= { services 2601 }
spamq-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SPAM DOWN Trap."
::= { services 2602 }
spamq-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SPAM ERROR Trap."
::= { services 2603 }
spamq-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SPAM RESTART Trap."
::= { services 2604 }
spamq-rbl-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SPAM RBL lookup failure Trap."
::= { services 2605 }
spamq-rdns-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SPAM Reverse DNS lookup failure Trap."
::= { services 2606 }
spamq-sls-detected NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SLS detected the message as spam."
::= { services 2607 }
spamq-esp-detected NOTIFICATION-TYPE
STATUS current
DESCRIPTION "Enterprise Spam Profiler detected the message as spam."
::= { services 2608 }
spamq-sha-detected NOTIFICATION-TYPE
STATUS current
DESCRIPTION "System Defined Header Analysis detected the message as spam."
::= { services 2609 }
spamq-euser-detected NOTIFICATION-TYPE
STATUS current
DESCRIPTION "End User Spam Trap detected the message as spam."
::= { services 2610 }
spamq-uha-detected NOTIFICATION-TYPE
STATUS current
DESCRIPTION "User Defined Header Analysis detected the message as spam."
::= { services 2611 }
spamq-est-detected NOTIFICATION-TYPE
STATUS current
DESCRIPTION "Enterprise Spam Trap detected the message as spam."
::= { services 2612 }
spamq-sls-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SLS Up Trap."
::= { services 2613 }
spamq-sls-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SLS Down Trap."
::= { services 2614 }
spamq-sls-fallback-success NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SLS Fallback was success."
::= { services 2615 }
spamq-sls-fallback-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SLS Fallback attempt failed."
::= { services 2616 }
sys-disk-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-DISK UP Trap."
::= { services 111 }
sys-disk-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-DISK DOWN Trap."
::= { services 112 }
sys-disk-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-DISK ERROR Trap."
::= { services 113 }
sys-crypto-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-CRYPTO UP Trap."
::= { services 121 }
sys-crypto-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-CRYPTO DOWN Trap."
::= { services 122 }
sys-crypto-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-CRYPTO ERROR Trap."
::= { services 123 }
sys-netstat-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-NETSTAT UP Trap."
::= { services 131 }
ids NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IDS Trap."
::= { services 1801 }
sys-dnshijack-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-DNSHIJACK UP Trap."
::= { services 1802 }
sys-dnshijack-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-DNSHIJACK DOWN Trap."
::= { services 1803 }
sys-dnshijack-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-DNSHIJACK ERROR Trap."
::= { services 1804 }
internal-server-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "INTERNAL-SERVER UP Trap."
::= { services 101 }
internal-server-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "INTERNAL-SERVER DOWN Trap."
::= { services 102 }
internal-server-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "INTERNAL-SERVER ERROR Trap."
::= { services 103 }
ade-ip-addr NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADE from same IP Trap."
::= { services 1901 }
ade-from-addr NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADE same From Address Trap."
::= { services 1902 }
ade-size NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADE same Message Size Trap."
::= { services 1903 }
ade-subject NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADE same Message Subject Trap."
::= { services 1904 }
ade-attachment NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADE same Attachment Trap."
::= { services 1905 }
ade-xtension NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADE same Attachment Extension Trap."
::= { services 1906 }
ade-virus NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADE same Virus Trap."
::= { services 1907 }
ade-uniq-virus NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADE same Unique Virus Trap."
::= { services 1908 }
ade-cmplx-rule NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADE complex rule Trap."
::= { services 1909 }
ade-system-rule NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADE system rule Trap."
::= { services 1910 }
sched-license-60 NOTIFICATION-TYPE
STATUS current
DESCRIPTION "60 Days License Notification"
::= { services 1621 }
sched-license-30 NOTIFICATION-TYPE
STATUS current
DESCRIPTION "30 Days License Notification"
::= { services 1622 }
sched-license-10 NOTIFICATION-TYPE
STATUS current
DESCRIPTION "Less than 10 Days License Notification"
::= { services 1623 }
update-success NOTIFICATION-TYPE
STATUS current
DESCRIPTION "Update Completed Successfully."
::= { services 9000 }
update-failed NOTIFICATION-TYPE
STATUS current
DESCRIPTION "Update Failed."
::= { services 9001 }
iwm-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IWM UP Trap."
::= { services 911 }
iwm-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IWM DOWN Trap."
::= { services 912 }
iwm-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IWM ERROR Trap."
::= { services 913 }
iwm-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IWM RESTART Trap."
::= { services 914 }
iwm-sig-attack NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IWM Signature Attack Trap."
::= { services 915 }
iwm-buff-overflow NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IWM Buffer Overflow Attack Trap."
::= { services 916 }
iwm-auth-failed NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IWM Authentication Failed Trap."
::= { services 917 }
iwm-timed-out NOTIFICATION-TYPE
STATUS current
DESCRIPTION "IWM Session Timeout Trap."
::= { services 918 }
sshd-maint-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SSHD Maint UP Trap."
::= { services 2801 }
sshd-maint-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SSHD Maint DOWN Trap."
::= { services 2802 }
sshd-maint-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SSHD Maint ERROR Trap."
::= { services 2803 }
sshd-maint-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SSHD Maint RESTART Trap."
::= { services 2804 }
sshd-cli-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SSHD Console UP Trap."
::= { services 2701 }
sshd-cli-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SSHD Console DOWN Trap."
::= { services 2702 }
sshd-cli-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SSHD Console ERROR Trap."
::= { services 2703 }
sshd-cli-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SSHD Console RESTART Trap."
::= { services 2704 }
swmq-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SWMQ UP Trap."
::= { services 2901 }
swmq-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SWMQ DOWN Trap."
::= { services 2902 }
swmq-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SWMQ ERROR Trap."
::= { services 2903 }
swmq-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SWMQ RESTART Trap."
::= { services 2904 }
swmq-notify-failure NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SWMQ Notify Failure Trap."
::= { services 2905 }
vfq-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "VFQ ERROR Trap."
::= { services 3001 }
vfq-restart NOTIFICATION-TYPE
STATUS current
DESCRIPTION "VFQ RESTART Trap."
::= { services 3002 }
vfq-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "VFQ DOWN Trap."
::= { services 3003 }
vfq-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "VFQ UP Trap."
::= { services 3004 }
sys-inode-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-INODE UP Trap."
::= { services 3101 }
sys-inode-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-INODE DOWN Trap."
::= { services 3102 }
sys-inode-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-INODE ERROR Trap."
::= { services 3103 }
sys-cmcsql-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-CMCSQL UP Trap."
::= { services 3201 }
sys-cmcsql-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-CMCSQL DOWN Trap."
::= { services 3202 }
sys-cmcsql-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-CMCSQL ERROR Trap."
::= { services 3203 }
sys-cmcadmin-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-CMCADMIN UP Trap."
::= { services 3301 }
sys-cmcadmin-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-CMCADMIN DOWN Trap."
::= { services 3302 }
sys-cmcadmin-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SYS-CMCADMIN ERROR Trap."
::= { services 3303 }
admin-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADMIN UP Trap."
::= { services 3401 }
admin-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADMIN DOWN Trap."
::= { services 3402 }
admin-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "ADMIN ERROR Trap."
::= { services 3403 }
avq-count-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "AVQ-COUNT ERROR Trap."
::= { services 3501 }
cfq-count-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "CFQ-COUNT ERROR Trap."
::= { services 3601 }
joinq-count-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "JOINQ-COUNT ERROR Trap."
::= { services 3701 }
mmq-count-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "MMQ-COUNT ERROR Trap."
::= { services 3801 }
ripq-count-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "RIPQ-COUNT ERROR Trap."
::= { services 3901 }
smtpo-count-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SMTPO-COUNT ERROR Trap."
::= { services 4001 }
spamq-count-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SPAMQ-COUNT ERROR Trap."
::= { services 4101 }
superq-count-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SUPERQ-COUNT ERROR Trap."
::= { services 4201 }
vfq-count-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "VFQ-COUNT ERROR Trap."
::= { services 4301 }
reports-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "REPORTS UP Trap."
::= { services 4401 }
reports-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "REPORTS DOWN Trap."
::= { services 4402 }
reports-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "REPORTS ERROR Trap."
::= { services 4403 }
superq-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SUPERQ UP Trap."
::= { services 4501 }
superq-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SUPERQ DOWN Trap."
::= { services 4502 }
superq-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SUPERQ ERROR Trap."
::= { services 4503 }
lexanad-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "LEXANAD UP Trap."
::= { services 4901 }
lexanad-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "LEXANAD DOWN Trap."
::= { services 4902 }
lexanad-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "LEXANAD ERROR Trap."
::= { services 4903 }
swm-tomcat-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SWM-TOMCAT UP Trap."
::= { services 4601 }
swm-tomcat-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SWM-TOMCAT DOWN Trap."
::= { services 4602 }
swm-tomcat-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "SWM-TOMCAT ERROR Trap."
::= { services 4603 }
urq-tomcat-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "URQ-TOMCAT UP Trap."
::= { services 4701 }
urq-tomcat-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "URQ-TOMCAT DOWN Trap."
::= { services 4702 }
urq-tomcat-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "URQ-TOMCAT ERROR Trap."
::= { services 4703 }
eusrquarantine-up NOTIFICATION-TYPE
STATUS current
DESCRIPTION "EUSRQUARANTINE UP Trap."
::= { services 4801 }
eusrquarantine-down NOTIFICATION-TYPE
STATUS current
DESCRIPTION "EUSRQUARANTINE DOWN Trap."
::= { services 4802 }
eusrquarantine-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "EUSRQUARANTINE ERROR Trap."
::= { services 4803 }
ldapsync-ldap-profile-error NOTIFICATION-TYPE
STATUS current
DESCRIPTION "LDAPSYNC LDAP Profile Error Trap."
::= { services 1641 }
-- textual conventions for lists of addresses and lists of ports
SidaInetAddrList ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"This data type is used to model a list of IP addresses.
The format will be as follows-
[Type:]FromIP[-ToIP]] [[Type]:FromIP[-ToIP]] .......]
It is essentially a set of zero or more IP address ranges
separated by a space character.
Each IP addres range is preceded by a Address type indecator
which is '4' or '6'. By default the address type is 4.
4 indicates that the address range pertains to the IPv4
address domain. 6 indicates that the address range pertains
to the IPv6 range."
SYNTAX OCTET STRING (SIZE (0..1024))
SidaPortList ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"This data type is used to model a list of ports
The format will be as follows-
FromPort[-ToPort] [FromPort[-ToPort] .......]
It is essentially a set of zero or more port number ranges
separated by a space character.
"
SYNTAX OCTET STRING (SIZE (0..1024))
-- sidaSensors: The Table of Sensors. Each row represents a Snort Sensor.
-- sidaSensorID is the key to the table.
sidaSensorTable OBJECT-TYPE
SYNTAX SEQUENCE OF SidaSensorEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" Each row of this table contains information
about an alert indexed by sidaSensorID."
::= { snortExp 1 }
-- ::= { snortIDSAlertMIB 1 }
--
-- The sensor static objects
--
sidaSensorEntry OBJECT-TYPE
SYNTAX SidaSensorEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" Entry containing information pertaining to
a snort sensor."
INDEX { sidaSensorID }
::= { sidaSensorTable 1 }
SidaSensorEntry ::= SEQUENCE {
sidaSensorID
Integer32,
sidaSensorDescription
SnmpAdminString,
sidaSensorVersion
SnmpAdminString,
sidaSensorLocation
SnmpAdminString,
sidaSensorAddressType
InetAddressType,
sidaSensorAddress
InetAddress,
sidaSensorInterfaceIndex
InterfaceIndex,
sidaSensorManufacturer
SnmpAdminString,
sidaSensorProductName
SnmpAdminString,
sidaSensorProductID
OBJECT IDENTIFIER
}
sidaSensorID OBJECT-TYPE
SYNTAX Integer32 ( 1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" An identifier to uniquely identify the Analyzer
in the domain."
::= { sidaSensorEntry 1 }
sidaSensorDescription OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" A short description of the Sensor."
::= { sidaSensorEntry 2 }
sidaSensorVersion OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" the version number of the sensor that detected the event."
::= { sidaSensorEntry 3}
sidaSensorLocation OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" the location of the sensor that detected the event."
::= { sidaSensorEntry 4}
sidaSensorAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of the address which follows."
::= { sidaSensorEntry 5}
sidaSensorAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The network address of the sensor. "
::= { sidaSensorEntry 6}
sidaSensorInterfaceIndex OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The ifIndex of the interface on which the event was
detected by the sensor."
::= {sidaSensorEntry 7}
sidaSensorManufacturer OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" the Manufacturer of the sensor that detected the event."
::= { sidaSensorEntry 8}
sidaSensorProductName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" the name of the product that detected the event."
::= { sidaSensorEntry 9}
sidaSensorProductID OBJECT-TYPE
SYNTAX OBJECT IDENTIFIER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A reference to MIB definitions specific to the
analyzer generating the message. If this information
is not present, its value should be set to the OBJECT
IDENTIFIER { 0 0 }, which is a syntatically valid
object identifier."
::= { sidaSensorEntry 10 }
-- sidaAlerts: The Table of Alerts. Each row represents an Alert.
-- sidaAlertID is the key to the table. The size of this table will be
-- implementation dependent - some implementors may choose to keep
-- a maximum of one messages in this table.
sidaAlertTable OBJECT-TYPE
SYNTAX SEQUENCE OF SidaAlertEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" Each row of this table contains information
about an alert indexed by sidaSensorID and sidaAlertID."
::= { snortExp 2 }
sidaAlertEntry OBJECT-TYPE
SYNTAX SidaAlertEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" Entry containing information pertaining to
an alert."
INDEX { sidaSensorID, sidaAlertID}
::= { sidaAlertTable 1 }
SidaAlertEntry ::= SEQUENCE {
sidaAlertID
Integer32,
sidaAlertTimeStamp
SnmpAdminString,
sidaAlertActionsTaken
BITS,
sidaAlertMsg
SnmpAdminString,
sidaAlertMoreInfo
SnmpAdminString,
sidaAlertSrcAddressType
InetAddressType,
sidaAlertSrcAddress
InetAddress,
sidaAlertDstAddressType
InetAddressType,
sidaAlertDstAddress
InetAddress,
sidaAlertSrcPort
Integer32,
sidaAlertDstPort
Integer32,
sidaAlertStartTime
SnmpAdminString,
sidaAlertOccurrences
Gauge32,
sidaAlertImpact
Integer32,
sidaAlertSrcAddressList
SidaInetAddrList,
sidaAlertDstAddressList
SidaInetAddrList,
sidaAlertSrcPortList
SidaPortList,
sidaAlertDstPortList
SidaPortList,
sidaAlertScanDuration
Counter32,
sidaAlertScannedHosts
Counter32,
sidaAlertTCPScanCount
Counter32,
sidaAlertUDPScanCount
Counter32,
sidaAlertScanType
Integer32,
sidaAlertEventStatus
Integer32,
sidaAlertEventPriority
Integer32,
sidaAlertSrcMacAddress
MacAddress,
sidaAlertDstMacAddress
MacAddress
}
sidaAlertID OBJECT-TYPE
SYNTAX Integer32 ( 1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The AlertID uniquely identifies each alert generated
by the sensor."
::= {sidaAlertEntry 1}
sidaAlertTimeStamp OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" An NTP style timestamp of the local time when this alert
was generated. It will be of the format 991372237.668158 ."
::= { sidaAlertEntry 2}
-- the actions will probably be a comma separated list of action
-- codes or a pointer to another MIB table from which the actions
-- may be fetched.
--
sidaAlertActionsTaken OBJECT-TYPE
SYNTAX BITS {
none (0),
logged (1),
alerted (2),
blocked (3),
tagged (4),
tcpRstToSender (16),
tcpRstToReceiver (18),
tcpRstToSenderAndReceiver (19),
icmpNetUnreachToSender (20),
icmpHostUnreachToSender (21),
icmpPortUnreachToSender (22),
icmpAllUnreachToSender (23)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The actions taken on the alert raised. Note multiple
actions may be taken."
::= { sidaAlertEntry 3}
-- SnmpAdminString length is 255 characters max. It contains
-- information represented using the ISO/IEC IS 10646-1 character
-- set, encoded using the UTF-8 transformation format to facilitate
-- internationalization.
sidaAlertMsg OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" the message associated with the rule that triggered
the alert. Conventionally, the name of the attack.
If there is no message this field will be blank."
::= { sidaAlertEntry 4}
sidaAlertMoreInfo OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A reference to more information specific to this
alert message. This is likely to be a list of one or
more URLs or references. If there is no
reference available this field will be blank"
::= { sidaAlertEntry 5}
sidaAlertSrcAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of the Internet address that was the attack source."
::= { sidaAlertEntry 6}
sidaAlertSrcAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The Internet addresses of the entity from which the attack
originated, if known. "
::= { sidaAlertEntry 7}
sidaAlertDstAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of the Internet address that was the attack target."
::= { sidaAlertEntry 8}
sidaAlertDstAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The Internet address of the entity to which the attack
was destined, if known."
::= { sidaAlertEntry 9}
sidaAlertSrcPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The port number from where the attack has originated "
::= { sidaAlertEntry 10}
sidaAlertDstPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The port number to which the attack is destined "
::= { sidaAlertEntry 11}
sidaAlertStartTime OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The local date and time when the event causing this alert
was first detected."
::= { sidaAlertEntry 12}
sidaAlertOccurrences OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The number of occurrences of the event that is being
reported in the alert."
::= { sidaAlertEntry 13}
sidaAlertImpact OBJECT-TYPE
SYNTAX INTEGER{
unknown (1),
badUnknown (2),
notSuspicious (3),
attemptedAdmin (4),
successfulAdmin (5),
attemptedDos (6),
successfulDos (7),
attemptedRecon (8),
successfulReconLimited (9),
successfulReconLargescale (10),
attemptedUser (11),
successfulUser (12)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The evaluated impact of the events leading to the
alert."
::= { sidaAlertEntry 14}
sidaAlertSrcAddressList OBJECT-TYPE
SYNTAX SidaInetAddrList
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The list of source addresses pertaining to this alert."
::= { sidaAlertEntry 15}
sidaAlertDstAddressList OBJECT-TYPE
SYNTAX SidaInetAddrList
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The list of destination addresses pertaining to this alert."
::= { sidaAlertEntry 16}
sidaAlertSrcPortList OBJECT-TYPE
SYNTAX SidaPortList
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The list of source port numbers pertaining to this alert."
::= { sidaAlertEntry 17}
sidaAlertDstPortList OBJECT-TYPE
SYNTAX SidaPortList
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The list of destination port numbers pertaining to this alert."
::= { sidaAlertEntry 18}
sidaAlertScanDuration OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The duration of the scan being
reported in the alert."
::= { sidaAlertEntry 19}
sidaAlertScannedHosts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The number of hosts scanned by the event
reported in the alert."
::= { sidaAlertEntry 20}
sidaAlertTCPScanCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The number of TCP scans seen in the event
reported in the alert."
::= { sidaAlertEntry 21}
sidaAlertUDPScanCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The number of UDP scans seen in the event
reported in the alert."
::= { sidaAlertEntry 22}
sidaAlertScanType OBJECT-TYPE
SYNTAX INTEGER {
other (1),
stealth (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The Type of the scan Stealth or otherwise
reported in the alert."
::= { sidaAlertEntry 23}
sidaAlertEventStatus OBJECT-TYPE
SYNTAX INTEGER {
other (1),
start (2),
inProgress (3),
end (4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The status of the event being reported in the alert.
The alert may report the start or end of an event.
It may also provide intermediate reports on event
in progress."
::= { sidaAlertEntry 24}
sidaAlertEventPriority OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The priority of the event being reported in the alert.
"
::= { sidaAlertEntry 25}
sidaAlertSrcMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The 802 MAC address seen in source address part of the
datagram carrying packet which has caused this alert.
"
::= { sidaAlertEntry 26}
sidaAlertDstMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The 802 MAC address seen in destination address part of the
datagram carrying packet which has caused this alert.
"
::= { sidaAlertEntry 27}
sidaAlertTypes OBJECT IDENTIFIER ::= { snortExp 3 }
sidaAlertGeneric NOTIFICATION-TYPE
OBJECTS { sidaSensorVersion,
sidaSensorAddressType, sidaSensorAddress,
sidaAlertTimeStamp, sidaAlertActionsTaken,
sidaAlertMsg,
sidaAlertMoreInfo, sidaAlertSrcAddressType,
sidaAlertSrcAddress, sidaAlertDstAddressType,
sidaAlertDstAddress, sidaAlertSrcPort,
sidaAlertDstPort, sidaAlertImpact,
sidaAlertEventPriority, sidaAlertSrcMacAddress,
sidaAlertDstMacAddress }
STATUS current
DESCRIPTION
"The Sida Alert Generic Trap is sent whenever an
event is detected by snort (rules) and no specific
Alert is found applicable."
::= { sidaAlertTypes 1 }
sidaAlertScanStatus NOTIFICATION-TYPE
OBJECTS { sidaSensorVersion,
sidaSensorAddressType, sidaSensorAddress,
sidaAlertTimeStamp, sidaAlertActionsTaken,
sidaAlertMsg, sidaAlertSrcAddressType,
sidaAlertSrcAddress, sidaAlertDstAddressList,
sidaAlertSrcPort, sidaAlertDstPortList,
sidaAlertScanDuration, sidaAlertScannedHosts,
sidaAlertTCPScanCount, sidaAlertUDPScanCount,
sidaAlertScanType, sidaAlertEventStatus,
sidaAlertEventPriority, sidaAlertSrcMacAddress,
sidaAlertDstMacAddress }
STATUS current
DESCRIPTION
"The Sida Alert Generic Trap is sent whenever an
event is detected by snort (rules) and no specific
Alert is found applicable."
::= { sidaAlertTypes 2 }
-- Conformance information
sidaConformance OBJECT IDENTIFIER ::= { snortExp 4 }
sidaGroups OBJECT IDENTIFIER ::= { sidaConformance 1 }
sidaCompliances OBJECT IDENTIFIER ::= { sidaConformance 2 }
-- Compliance statements
sidaAlertCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities
which implement the
SNORT-INTRUSION-DETECTION-ALERT-MIB."
MODULE -- this module
MANDATORY-GROUPS { sidaAlertGroup , sidaNotificationGroup }
::= { sidaCompliances 1 }
-- Units of conformance
sidaAlertGroup OBJECT-GROUP
OBJECTS {
sidaSensorID,
sidaSensorDescription,
sidaSensorVersion,
sidaSensorLocation,
sidaSensorAddressType,
sidaSensorAddress,
sidaSensorInterfaceIndex,
sidaSensorManufacturer,
sidaSensorProductName,
sidaSensorProductID,
sidaAlertID,
sidaAlertTimeStamp,
sidaAlertActionsTaken,
sidaAlertMsg,
sidaAlertMoreInfo,
sidaAlertSrcAddressType,
sidaAlertSrcAddress,
sidaAlertDstAddressType,
sidaAlertDstAddress,
sidaAlertSrcPort,
sidaAlertDstPort,
sidaAlertStartTime,
sidaAlertOccurrences,
sidaAlertImpact,
sidaAlertSrcAddressList,
sidaAlertDstAddressList,
sidaAlertSrcPortList,
sidaAlertDstPortList,
sidaAlertScanDuration,
sidaAlertScannedHosts,
sidaAlertTCPScanCount,
sidaAlertUDPScanCount,
sidaAlertScanType,
sidaAlertEventStatus,
sidaAlertEventPriority,
sidaAlertSrcMacAddress,
sidaAlertDstMacAddress
}
STATUS current
DESCRIPTION
" A collection of objects for generation and dispatch of
alerts pertaining to intrusions detected."
::= { sidaGroups 1 }
sidaNotificationGroup NOTIFICATION-GROUP
NOTIFICATIONS { sidaAlertGeneric, sidaAlertScanStatus }
STATUS current
DESCRIPTION
" A collection of notifications for intrusions detection."
::= { sidaGroups 2 }
END