SNMP trap parameters

Mis à jour le 03 Jan 2025
1 Minute à lire

Partager
Sombre
Lumière
PDF

The content is currently unavailable in French. You are viewing the default English version.

Résumé de l’article

Avez-vous trouvé ce résumé utile ?

Merci pour vos commentaires

SNMP traps can be configured as notification targets for the different event types.

Table: SNMP traps - parameters
System monitored	Element monitored	Trap parameters
System OS events
Disk space	/var/log: log file system /var/pg: DB file system /var/identikey: IDENTIKEY file system – log and trace files	A DISMAN-EVENT-MIB::mteTriggerFired trap is sent with the following parameters: DISMAN-EVENT-MIB::sysUpTimeInstance 0:0:22:00.30 SNMPv2-MIB::snmpTrapOID.0 DISMAN-EVENT-MIB::mteTriggerFired DISMAN-EVENT-MIB::mteHotTrigger.0 log file system DISMAN-EVENT-MIB::mteHotnotification targetName.0 DISMAN-EVENT-MIB::mteHotContextName.0 DISMAN-EVENT-MIB::mteHotOID.0 UCD-SNMP-MIB::dskErrorFlag.1 DISMAN-EVENT-MIB::mteHotValue.0 1 UCD-SNMP-MIB::dskPath.1 /var/log UCD-SNMP-MIB::dskErrorMsg.1 /var/log: less than 10% free (= 100%)
Memory	Memory low	A DISMAN-EVENT-MIB::mteTriggerFired trap is sent with the following parameters: DISMAN-EVENT-MIB::sysUpTimeInstance 0:0:26:01.01 SNMPv2-MIB::snmpTrapOID.0 DISMAN-EVENT-MIB::mteTriggerFired DISMAN-EVENT-MIB::mteHotTrigger.0 memory DISMAN-EVENT-MIB::mteHotnotification targetName.0 DISMAN-EVENT-MIB::mteHotContextName.0 DISMAN-EVENT-MIB::mteHotOID.0 UCD-SNMP-MIB::memSwapError.0 DISMAN-EVENT-MIB::mteHotValue.0 1 UCD-SNMP-MIB::memErrorName.0 swap UCD-SNMP-MIB::memSwapErrorMsg.0 Running out of swap space (3136)
Processes, monitored via SNMP traps	OneSpan Authentication Server (ikeyserver) LDAP sync daemon (ikldapsync) MDC daemon (mdcserver) System logging daemon (syslog-ng) Timeserver (ntpd)	A DISMAN-EVENT-MIB::mteTriggerFired trap is sent with the following parameters: DISMAN-EXPRESSION-MIB::sysUpTimeInstance 0:0:00:50.30 SNMPv2-MIB::snmpTrapOID.0 DISMAN-EVENT-MIB::mteTriggerFired DISMAN-EVENT-MIB::mteHotTrigger.0 process down DISMAN-EVENT-MIB::mteHotnotification targetName.0 DISMAN-EVENT-MIB::mteHotContextName.0 DISMAN-EVENT-MIB::mteHotOID.0 SNMPv2-SMI::enterprises.2021.2.1.100.4 DISMAN-EVENT-MIB::mteHotValue.0 1 SNMPv2-SMI::enterprises.2021.2.1.2.4 "syslog-ng" SNMPv2-SMI::enterprises.2021.2.1.101.4 "No syslog-ng process running." A similar trap is sent when the service comes back online: DISMAN-EXPRESSION-MIB::sysUpTimeInstance 0:0:00:40.40 SNMPv2-MIB::snmpTrapOID.0 DISMAN-EVENT-MIB::mteTriggerFired DISMAN-EVENT-MIB::mteHotTrigger.0 process up DISMAN-EVENT-MIB::mteHotnotification targetName.0 DISMAN-EVENT-MIB::mteHotContextName.0 DISMAN-EVENT-MIB::mteHotOID.0 SNMPv2-SMI::enterprises.2021.2.1.100.4 DISMAN-EVENT-MIB::mteHotValue.0 0 SNMPv2-SMI::enterprises.2021.2.1.2.4 "syslog-ng" SNMPv2-SMI::enterprises.2021.2.1.101.4 ""
OneSpan Authentication Server Appliance Configuration Tool events
Configuration Tool	All Configuration Tool events in the audit log are monitored.	For Configuration Tool events, traps with the following parameters are sent: DISMAN-EVENT-MIB::sysUpTimeInstance 2:1:13:15.27 SNMPv2-MIB::snmpTrapOID.0 VASCO-AXSGUARD-IDENTIFIER-MIB::vdsIaAuditNotification VASCO-AXSGUARD-IDENTIFIER-MIB::vdsIaNotificationContent.0 "User sysadmin logged in" VASCO-AXSGUARD-IDENTIFIER-MIB::vdsIaNotificationType.0 Success The MIB files sent with the VASCO-AXSGUARD-IDENTIFIER-MIB::vdsIaAuditNotification trap contains the information listed here, and explains which notifications and information can be monitored .
OneSpan Authentication Server events
OneSpan Authentication Server	All OneSpan Authentication Server events in the audit log are monitored.	SNMP-FRAMEWORK-MIB::snmpEngineTime.0 = INTEGER: 1193 seconds SNMP-FRAMEWORK-MIB::snmpEngineBoots.0 = INTEGER: 2 SNMPv2-MIB::snmpTrapOID.0 = OID:VASCO-IDENTIKEY-MIB::vdsIkSecAlertEvent VASCO-IDENTIKEY-MIB::vdsIkSecAlertTime.11 = STRING:2014-11-12,14:10:31.6,+0:0 VASCO-IDENTIKEY-MIB::vdsIkSecAlertType.11 = STRING: Failure VASCO-IDENTIKEY-MIB::vdsIkSecAlertContent.11 = STRING: "Time=\"2014/11/12 14:10:31\"; Code=\"F-002001\";AMID=\"0x47D1168D40EC1D4148F99985FD450501\"; Desc=\"Userauthentication failed.\";"

When an SNMP trap is sent, the information is added to a security alert table, which is an SNMP table defined in OneSpan Authentication Server and contains a list of recent security alerts. This list is defined in the VASCO-IDENTIKEY-MIB.txt file and can be accessed using an SNMP viewer. It is non-persistent, i.e. the list is cleared when the OneSpan Authentication Server process is stopped.

Cet article vous a-t-il été utile ?

SNMP trap parameters

What's Next