https://community.cisco.com/t5/network-security/interpreting-snmp-trap-events/m-p/1319226#M76882 <HTML><HEAD></HEAD><BODY><P>You can lookup OIDs at this tool:</P><P></P><P><A class="jive-link-custom" href="http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en" target="_blank">http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en</A></P><P></P><P>There are many free/commercial SNMP trap collectors that would help you in this purpose. Scripting can get really involved sometimes, but of course if you are an expert at it, no need to pay money to achieve your desired objectives.</P><P></P><P>Regards</P><P></P><P>Farrukh</P></BODY></HTML> Wed, 24 Jun 2009 12:59:48 GMT Farrukh Haroon 2009-06-24T12:59:48Z https://community.cisco.com/t5/network-security/interpreting-snmp-trap-events/m-p/1319225#M76881 <P>Hey everyone,</P><P></P><P>I'm currently receiving SNMP traps for important alerts from the IPS we have set up. The logs for these traps look something like this:</P><P></P><P>Ent Value 6: .1.3.6.1.4.1.9.9.383.1.2.3=This signature is a Metacomponent</P><P>Ent Value 7: .1.3.6.1.4.1.9.9.383.1.2.4=Visual Studio Msmask32.ocx ActiveX Buffer Overflow</P><P>Ent Value 8: .1.3.6.1.4.1.9.9.383.1.2.5=6990</P><P></P><P>First, how can I find out what strings like "Ent Value 8: .1.3.6.1.4.1.9.9.383.1.2.5" mean? Is it important?</P><P></P><P>Second, what is the best way to interpret these traps? I'm assuming I need to write a custom script to gather the important details and do what I want with them?</P><P></P><P>Any pointers would be very helpful! I just want to know what I'm getting myself into. <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>Thanks!</P> Sun, 10 Mar 2019 11:40:33 GMT https://community.cisco.com/t5/network-security/interpreting-snmp-trap-events/m-p/1319225#M76881 natehausrath 2019-03-10T11:40:33Z https://community.cisco.com/t5/network-security/interpreting-snmp-trap-events/m-p/1319226#M76882 <HTML><HEAD></HEAD><BODY><P>You can lookup OIDs at this tool:</P><P></P><P><A class="jive-link-custom" href="http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en" target="_blank">http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en</A></P><P></P><P>There are many free/commercial SNMP trap collectors that would help you in this purpose. Scripting can get really involved sometimes, but of course if you are an expert at it, no need to pay money to achieve your desired objectives.</P><P></P><P>Regards</P><P></P><P>Farrukh</P></BODY></HTML> Wed, 24 Jun 2009 12:59:48 GMT https://community.cisco.com/t5/network-security/interpreting-snmp-trap-events/m-p/1319226#M76882 Farrukh Haroon 2009-06-24T12:59:48Z https://community.cisco.com/t5/network-security/interpreting-snmp-trap-events/m-p/1319227#M76883 <HTML><HEAD></HEAD><BODY><P>Thanks Farrukh. That's what I was looking for.</P><P></P><P>Now to either find a good free parser, or figure out the simplest way to do this myself...</P></BODY></HTML> Wed, 24 Jun 2009 13:07:28 GMT https://community.cisco.com/t5/network-security/interpreting-snmp-trap-events/m-p/1319227#M76883 natehausrath 2009-06-24T13:07:28Z