If you are using OneSpan Authentication Server Appliance system monitoring, we recommend to define targets for the following OneSpan Authentication Server Appliance events:
- OneSpan Authentication Server errors. For these type of events, you should define an audit filter that extracts all error audit messages.
- Locked authenticator users. For these type of events, you should define a filter that extracts all audit messages with the audit code 'W-011003'.
- Failed administrative logons. For these type of events, you should define a filter that extracts all audit messages with the audit code 'F-004001'.
- Replication failures. For these type of events, you should define a filter that extracts all audit messages with the audit codes 'F-003001' or 'F-003002'.
Generally, when SNMP notifications are defined, a VASCO-AXSGUARD-IDENTIFIER-MIB::vdsIaAuditNotification trap is sent. The MIB file contains the information about the notification and the variables. For more information, refer to the VASCO-AXSGUARD-IDENTIFIER-MIB file. You can download this file in OneSpan Authentication Server Appliance via Settings > SNMP.