WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/ericsson/RBN-SYS-SECURITY-MIB

275 lines
8.5 KiB
Plaintext
Raw Blame History

-- $Id: RBN-SYS-SECURITY-MIB.my,v 1.1.18.2.26.1 2012/08/04 00:07:22 chiachun Exp $
-- $Source: /cvsroot/pkt/sw/se/xc/bsd/config/snmp/mibs/Attic/RBN-SYS-SECURITY-MIB.my,v $
-- *****************************************************************
-- RBN-SYS-SECURITY-MIB.my
--
-- Copyright (c) 2009 Ericsson AB
-- All rights reserved.
--
-- *****************************************************************
RBN-SYS-SECURITY-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
Gauge32, Counter64
FROM SNMPv2-SMI -- [RFC2578]
DateAndTime
FROM SNMPv2-TC -- [RFC2579]
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
FROM SNMPv2-CONF -- [RFC2580]
CounterBasedGauge64
FROM HCNUM-TC
RbnUnsigned64
FROM RBN-TC
rbnModules
FROM RBN-SMI;
rbnSysSecurityMib MODULE-IDENTITY
LAST-UPDATED "200911091800Z" -- Nov 9, 2009
ORGANIZATION "Ericsson Inc."
CONTACT-INFO
" Ericsson Inc.
100 Headquarters Drive
San Jose, CA 95134
USA
Phone: +1 408 750 5000
Fax: +1 408 750 5599
"
DESCRIPTION
"This MIB module defines attributes and notifications
related to system and network level security issues.
All mib objects defined in the module are viewed within
the context identified in the SNMP protocol (i.e. the
community string in v1/v2c or the contextName in v3).
"
REVISION "200911091800Z" -- Nov 9, 2009
DESCRIPTION
"Initial version"
::= {rbnModules 54}
rbnSysSecNotifications OBJECT IDENTIFIER ::= { rbnSysSecurityMib 0 }
rbnSysSecObjects OBJECT IDENTIFIER ::= { rbnSysSecurityMib 1 }
rbnSysSecConformance OBJECT IDENTIFIER ::= { rbnSysSecurityMib 2 }
--
-- Objects
--
rbnSysSecThresholdObjects OBJECT IDENTIFIER ::= { rbnSysSecObjects 1 }
rbnSysSecNotifyEnable OBJECT-TYPE
SYNTAX BITS {
maliciousPkt(0)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The bit mask to enable/disable notifications for crossing
specific threshold."
DEFVAL { { } }
::= { rbnSysSecThresholdObjects 1 }
rbnMeasurementInterval OBJECT-TYPE
SYNTAX Gauge32 (1..3600)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Data is sampled at the start and end of a specified interval. The
difference between the start and end values |end - start| is called
the delta value. When setting the interval, care should be taken
that the interval should be short enough that the sampled variable
is very unlikely to increase or decrease by more than range of the
variable. "
DEFVAL { 60 }
::= { rbnSysSecThresholdObjects 2}
rbnMaliciousPktsThresholdHi OBJECT-TYPE
SYNTAX RbnUnsigned64
UNITS "Packets"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When the current sampling interval delta value of the malicious
packets counter is greater than or equal to this threshold, and
the delta value at the last sampling interval was less than this
threshold, a single high threshold exceeded event will be
generated. A single high threshold exceeded event will also be
generated if the first sampling interval delta value of the
malicious IP packets counter is greater than or equal to this
threshold.
After a high threshold exceeded event is generated, another such
event will not be generated until the delta value falls below
this threshold and reaches the rbnMaliciousPktsThresholdLow,
generating a low threshold exceeded event. In other words there
cannot be successive high threshold events without an intervening
low threshold event. "
::= { rbnSysSecThresholdObjects 3}
rbnMaliciousPktsThresholdLow OBJECT-TYPE
SYNTAX RbnUnsigned64
UNITS "Packets"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When the current sampling interval delta value of the malicious
packets counter is less than or equal to this threshold, and the
delta value at the last sampling interval was greater than this
threshold, a single low threshold exceeded event will be
generated. In addition, a high threshold exceeded event must
occur before a low threshold exceeded event can be generated. "
::= { rbnSysSecThresholdObjects 4}
--
-- Counters to compare to above thresholds
--
rbnSysSecStatsObjects OBJECT IDENTIFIER ::= { rbnSysSecObjects 2 }
rbnMaliciousPktsCounter OBJECT-TYPE
SYNTAX Counter64
UNITS "Packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A count of all malicious pkts. This includes but is not limited
to malformed IP packets, malformed layer 4 IP, packets filtered by
ACLs for specific faults, IP packets identified as attempting to
spoof a system, and IP packets which failed reassembly."
::= { rbnSysSecStatsObjects 1}
rbnMaliciousPktsDelta OBJECT-TYPE
SYNTAX CounterBasedGauge64
UNITS "packets"
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The delta value of rbnMaliciousPktsCounter at the most recently
completed measurement interval."
::= { rbnSysSecStatsObjects 2 }
--
-- Objects only for notifications
--
rbnSysSecNotifyObjects OBJECT IDENTIFIER ::= { rbnSysSecObjects 4 }
rbnThresholdNotifyTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The DateAndTime of the notification."
::= { rbnSysSecNotifyObjects 1 }
--
-- NOTIFICATIONS
--
rbnMaliciousPktThresholdHiExceeded NOTIFICATION-TYPE
STATUS current
DESCRIPTION
"This notification signifies that one of the delta values is equal
to or greater than the corresponding high threshold value. The
specific delta value is the last object in the notification varbind
list. "
::= { rbnSysSecNotifications 1 }
rbnMaliciousPktThresholdLowExceeded NOTIFICATION-TYPE
OBJECTS {
rbnThresholdNotifyTime
}
STATUS current
DESCRIPTION
"This notification signifies that one of the delta values is less
than or equal to the corresponding low threshold value. The
specific delta value is the last object in the notification
varbind list. "
::= { rbnSysSecNotifications 2 }
--
-- Conformance
--
rbnSysSecCompliances OBJECT IDENTIFIER ::= { rbnSysSecConformance 1 }
rbnSysSecGroups OBJECT IDENTIFIER ::= { rbnSysSecConformance 2 }
rbnMaliciousPktGroup OBJECT-GROUP
OBJECTS {
rbnSysSecNotifyEnable,
rbnMeasurementInterval,
rbnMaliciousPktsThresholdHi,
rbnMaliciousPktsThresholdLow,
rbnMaliciousPktsCounter
}
STATUS current
DESCRIPTION
"Set of objects for the group."
::= { rbnSysSecGroups 1 }
rbnSysSecNotifyObjectsGroup OBJECT-GROUP
OBJECTS {
rbnMaliciousPktsDelta,
rbnThresholdNotifyTime
}
STATUS current
DESCRIPTION
"Set of objects for the group."
::= { rbnSysSecGroups 4 }
rbnSysSecNotificationGroup NOTIFICATION-GROUP
NOTIFICATIONS {
rbnMaliciousPktThresholdHiExceeded,
rbnMaliciousPktThresholdLowExceeded
}
STATUS current
DESCRIPTION
"Set of notifications for the group."
::= { rbnSysSecGroups 5 }
rbnSysSecCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for support of this mib module."
MODULE -- this module
MANDATORY-GROUPS {
rbnMaliciousPktGroup,
rbnSysSecNotifyObjectsGroup,
rbnSysSecNotificationGroup
}
OBJECT rbnMeasurementInterval
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required"
OBJECT rbnMaliciousPktsThresholdHi
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required"
OBJECT rbnMaliciousPktsThresholdLow
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required"
OBJECT rbnSysSecNotifyEnable
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required"
::= { rbnSysSecCompliances 1 }
END
View Git Blame Copy Permalink