Windows has the built in ability to send traps for the event log with the Evntcmd and the Eventwin utilities.It sends much of the information from the event in the trap details, but it does not send the event ID or the event source in a text format. However, it does encode the source name and event ID in the trap OID itself. Microsoft has a KB article of the format here - How to translate event log messages to SNMP OIDs
Here is an example of a trap from the DB of our solarwinds server-
The trap was generated from a test event using the DOS command "eventcreate /L Application /T Information /SO "Solarwinds" /ID 100 /D "Solarwinds Test Event". If you look at the trap snmpTrapEnterprise value it is 126.96.36.199.4.1.3188.8.131.52.10.83.111.108.184.108.40.206.110.100.115 . Translating that from the MS KB article you have the following -
220.127.116.11.4.1.318.104.22.168.10.83.111.108.22.214.171.124.110.100.115 <----Full OID
126.96.36.199.4.1.3188.8.131.52 <--- EVNTAGENT-MIB:evntagent
.10. <--- 10 Characters in source name
184.108.40.206.220.127.116.11.100.115 <--- Source name in ASCII
S o l a r w i n d s <--- Source name in Text
The value snmpTrapOID takes this a step further and adds a 0 and the event ID (.0.100) to the OID.
Can a feature be added into SNMP Trap Veiwer that can process the Microsoft trap format into the event source and ID then have that value called as a variable in an alert action?