Interpreting SNMP Trap Events

natehausrath
Level 1

Hey everyone,

I'm currently receiving SNMP traps for important alerts from the IPS we have set up. The logs for these traps look something like this:

Ent Value 6: .1.3.6.1.4.1.9.9.383.1.2.3=This signature is a Metacomponent

Ent Value 7: .1.3.6.1.4.1.9.9.383.1.2.4=Visual Studio Msmask32.ocx ActiveX Buffer Overflow

Ent Value 8: .1.3.6.1.4.1.9.9.383.1.2.5=6990

First, how can I find out what strings like "Ent Value 8: .1.3.6.1.4.1.9.9.383.1.2.5" mean? Is it important?

Second, what is the best way to interpret these traps? I'm assuming I need to write a custom script to gather the important details and do what I want with them?

Any pointers would be very helpful! I just want to know what I'm getting myself into. :)

Thanks!

Accepted Solution

Farrukh Haroon
VIP Alumni

You can look up OIDs with this tool:

http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en

There are many free/commercial SNMP trap collectors that would help you for this purpose. Scripting can get really involved sometimes, but of course if you are an expert at it, there is no need to pay money to achieve your desired objectives.

Regards

Farrukh

Thanks Farrukh. That's what I was looking for.

Now to either find a good free parser, or figure out the simplest way to do this myself...
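
One way to parse the trap log lines quoted in the question, as an added example that is not part of the original thread. The names in `LABELS` are hypothetical labels chosen here from the sample values, not MIB object names; replace them with what the OID lookup tool returns.

```python
import re
from typing import NamedTuple

# Constructed sample: the three log lines quoted in the question.
SAMPLE_LOG = """\
Ent Value 6: .1.3.6.1.4.1.9.9.383.1.2.3=This signature is a Metacomponent

Ent Value 7: .1.3.6.1.4.1.9.9.383.1.2.4=Visual Studio Msmask32.ocx ActiveX Buffer Overflow

Ent Value 8: .1.3.6.1.4.1.9.9.383.1.2.5=6990
"""

# Hypothetical labels (assumption): readable names picked for this example,
# NOT taken from a MIB. Confirm each OID with the lookup tool before relying on it.
LABELS = {
    ".1.3.6.1.4.1.9.9.383.1.2.4": "signature_name",
    ".1.3.6.1.4.1.9.9.383.1.2.5": "signature_id",
}

ENTERPRISES = ".1.3.6.1.4.1."  # private enterprises arc; the next number is the vendor
# The OID group holds only digits and dots, so the match stops at the first '='
# and a value that itself contains '=' is kept whole.
LINE_RE = re.compile(r"^Ent Value (\d+): (\.\d+(?:\.\d+)*)=(.*)$")

class VarBind(NamedTuple):
    index: int
    oid: str
    value: str

def parse_trap_log(text):
    """Return one VarBind per well-formed 'Ent Value N: OID=value' line."""
    binds = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # blank lines and non-varbind lines are skipped
            binds.append(VarBind(int(m.group(1)), m.group(2), m.group(3)))
    return binds

def enterprise_number(oid):
    """Return the vendor enterprise number (9 is Cisco), or None outside that arc."""
    if not oid.startswith(ENTERPRISES):
        return None
    return int(oid[len(ENTERPRISES):].split(".")[0])

def summarize(binds, labels=LABELS):
    """Map varbinds to {label: value}; OIDs without a label keep the raw OID as key."""
    return {labels.get(b.oid, b.oid): b.value for b in binds}

if __name__ == "__main__":
    for key, value in summarize(parse_trap_log(SAMPLE_LOG)).items():
        print(f"{key}: {value}")
```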
