343 lines
14 KiB
Plaintext
343 lines
14 KiB
Plaintext
-- ==================================================================
|
|
-- Copyright (c) 2010-2013 Hewlett-Packard Development Company, L.P.
|
|
--
|
|
-- Description: IDS Management MIB
|
|
-- Reference:
|
|
-- Version: V1.0
|
|
-- History:
|
|
-- V1.00 2005/08/18 Created by Wang Hanlin
|
|
-- ==================================================================
|
|
HPN-ICF-IDS-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
hpnicfCommon
|
|
FROM HPN-ICF-OID-MIB
|
|
Integer32, Unsigned32, OBJECT-TYPE, NOTIFICATION-TYPE, MODULE-IDENTITY
|
|
FROM SNMPv2-SMI
|
|
InetAddressType, InetAddress
|
|
FROM INET-ADDRESS-MIB;
|
|
|
|
hpnicfIDSMib MODULE-IDENTITY
|
|
LAST-UPDATED "200507141942Z"
|
|
ORGANIZATION
|
|
""
|
|
CONTACT-INFO
|
|
""
|
|
DESCRIPTION
|
|
"This MIB describes IDS private information.
|
|
IDS(Instruction Detecting System) is used to detect intruder activity. "
|
|
::= { hpnicfIds 1 }
|
|
|
|
--
|
|
-- Node definitions
|
|
--
|
|
hpnicfIds OBJECT IDENTIFIER ::= { hpnicfCommon 47 }
|
|
|
|
hpnicfIDSTrapGroup OBJECT IDENTIFIER ::= { hpnicfIDSMib 1 }
|
|
|
|
hpnicfIDSTrapInfo OBJECT IDENTIFIER ::= { hpnicfIDSTrapGroup 1 }
|
|
|
|
hpnicfIDSTrapIPFragmentQueueLen OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The length of IP fragment queue."
|
|
::= { hpnicfIDSTrapInfo 1 }
|
|
|
|
hpnicfIDSTrapStatSessionTabLen OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The length of status session table."
|
|
::= { hpnicfIDSTrapInfo 2 }
|
|
|
|
hpnicfIDSTrapIPAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of IP Address."
|
|
::= { hpnicfIDSTrapInfo 3 }
|
|
|
|
hpnicfIDSTrapIPAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP Address."
|
|
::= { hpnicfIDSTrapInfo 4 }
|
|
|
|
hpnicfIDSTrapUserName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..64))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"User name."
|
|
::= { hpnicfIDSTrapInfo 5 }
|
|
|
|
hpnicfIDSTrapLoginType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
telnet(1),
|
|
ssh(2),
|
|
web(3)
|
|
}
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Login type, including telnet, ssh and web."
|
|
::= { hpnicfIDSTrapInfo 6 }
|
|
|
|
hpnicfIDSTrapUpgradeType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
programme(1), -- image file of system
|
|
crb(2), -- custom rule base
|
|
vrb(3) -- vendor rule base
|
|
}
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Upgrade type, including programme(system image),
|
|
crb(custom rule base, one kind of configuration file),
|
|
vrb(vendor rule base, one kind of configuration file)."
|
|
::= { hpnicfIDSTrapInfo 7 }
|
|
|
|
hpnicfIDSTrapCRLName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..64))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"CRL(Certificate Revoke List) name."
|
|
::= { hpnicfIDSTrapInfo 8 }
|
|
|
|
hpnicfIDSTrapCertName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..64))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Certificate name."
|
|
::= { hpnicfIDSTrapInfo 9 }
|
|
|
|
hpnicfIDSTrapDetectRuleID OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule ID which is a unique identifier for a specified
|
|
detect rule."
|
|
::= { hpnicfIDSTrapInfo 10 }
|
|
|
|
hpnicfIDSTrapEngineID OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A unique number used to identify an interface."
|
|
::= { hpnicfIDSTrapInfo 11 }
|
|
|
|
hpnicfIDSTrapFileName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..256))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The file name."
|
|
::= { hpnicfIDSTrapInfo 12 }
|
|
|
|
hpnicfIDSTrapCfgLineInFile OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The line number in the configuration file."
|
|
::= { hpnicfIDSTrapInfo 13 }
|
|
|
|
hpnicfIDSTrapReasonForError OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..256))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The information of the notification. Although the format and
|
|
content of this object are device specific, they should be
|
|
defined uniformly in the device."
|
|
::= { hpnicfIDSTrapInfo 14 }
|
|
|
|
hpnicfIDSTrap OBJECT IDENTIFIER ::= { hpnicfIDSTrapGroup 2 }
|
|
|
|
hpnicfIDSTrapPrefix OBJECT IDENTIFIER ::= { hpnicfIDSTrap 0 }
|
|
|
|
hpnicfIDSTrapIPFragQueueFull NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hpnicfIDSTrapIPFragmentQueueLen,
|
|
hpnicfIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when the IP fragment
|
|
queue is full. The hpnicfIDSTrapIPFragmentQueueLen describes
|
|
the length of current fragment queue.
|
|
The hpnicfIDSTrapReasonForError describes reason for error."
|
|
::= { hpnicfIDSTrapPrefix 1 }
|
|
|
|
hpnicfIDSTrapStatSessTabFull NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hpnicfIDSTrapStatSessionTabLen,
|
|
hpnicfIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when the status session
|
|
table is full. The hpnicfIDSTrapStatSessionTabLen describes the
|
|
length of current status session table.
|
|
The hpnicfIDSTrapReasonForError describes reason for error."
|
|
::= { hpnicfIDSTrapPrefix 2 }
|
|
|
|
hpnicfIDSTrapDetectRuleParseFail NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hpnicfIDSTrapDetectRuleID,
|
|
hpnicfIDSTrapEngineID,
|
|
hpnicfIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when failing to parse
|
|
the rules for detecting. The hpnicfIDSTrapDetectRuleID object describes
|
|
rule ID. The hpnicfIDSTrapEngineID object identifies an interface
|
|
the rule applies to. The hpnicfIDSTrapReasonForError object
|
|
describes reason for error."
|
|
::= { hpnicfIDSTrapPrefix 3 }
|
|
|
|
hpnicfIDSTrapDBConnLost NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hpnicfIDSTrapIPAddressType,
|
|
hpnicfIDSTrapIPAddress,
|
|
hpnicfIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when connecting with
|
|
database server fails. The hpnicfIDSTrapIPAddressType object describes
|
|
the IP address type of database server. The hpnicfIDSTrapIPAddress
|
|
object describes the IP address of database server. The
|
|
hpnicfIDSTrapReasonForError describes reason of connecting failure."
|
|
::= { hpnicfIDSTrapPrefix 4 }
|
|
|
|
hpnicfIDSTrapCRLNeedUpdate NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hpnicfIDSTrapCRLName,
|
|
hpnicfIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when IDS device detects
|
|
that CRL is out of date. The hpnicfIDSTrapCRLName object
|
|
describes the CRL(Certificate Revoke List) name.
|
|
The hpnicfIDSTrapReasonForError object describes reason for error."
|
|
::= { hpnicfIDSTrapPrefix 5 }
|
|
|
|
hpnicfIDSTrapCertOverdue NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hpnicfIDSTrapCertName,
|
|
hpnicfIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when IDS device detects
|
|
that certificate is overdue. The hpnicfIDSTrapCertName object
|
|
describes the certificate name. The hpnicfIDSTrapReasonForError
|
|
object describes reason for error."
|
|
::= { hpnicfIDSTrapPrefix 6 }
|
|
|
|
hpnicfIDSTrapTooManyLoginFail NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hpnicfIDSTrapUserName,
|
|
hpnicfIDSTrapIPAddressType,
|
|
hpnicfIDSTrapIPAddress,
|
|
hpnicfIDSTrapLoginType,
|
|
hpnicfIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when the login
|
|
failure times of a user over a certain number.
|
|
The hpnicfIDSTrapUserName object describes the user name
|
|
when logging in. The hpnicfIDSTrapIPAddressType object
|
|
describes the IP address type of client. The
|
|
hpnicfIDSTrapIPAddress object describes the IP address of
|
|
client. The hpnicfIDSTrapLoginType object describes
|
|
login type, including: telnet, ssh, web.
|
|
The hpnicfIDSTrapReasonForError object describes reason for error."
|
|
::= { hpnicfIDSTrapPrefix 7 }
|
|
|
|
hpnicfIDSTrapUpgradeError NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hpnicfIDSTrapUpgradeType,
|
|
hpnicfIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when upgrading fails.
|
|
The hpnicfIDSTrapUpgradeType object describes upgrade type,
|
|
including: programme, vrb. The hpnicfIDSTrapReasonForError
|
|
object describes reason for error."
|
|
::= { hpnicfIDSTrapPrefix 8 }
|
|
|
|
hpnicfIDSTrapFileAccessError NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hpnicfIDSTrapFileName,
|
|
hpnicfIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when accessing file
|
|
fails. The hpnicfIDSTrapFileName object describes the name
|
|
of file accessed. The hpnicfIDSTrapReasonForError object describes
|
|
reason for error."
|
|
::= { hpnicfIDSTrapPrefix 9 }
|
|
|
|
hpnicfIDSTrapConsArithMemLow NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hpnicfIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when memory used by
|
|
constructing the arithmetic to seek content is lacking.
|
|
The hpnicfIDSTrapReasonForError object describes reason for error."
|
|
::= { hpnicfIDSTrapPrefix 10 }
|
|
|
|
hpnicfIDSTrapSSRAMOperFail NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hpnicfIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when reading or
|
|
writing SSRAM of CIE card fails. The hpnicfIDSTrapReasonForError
|
|
object describes reason for error."
|
|
::= { hpnicfIDSTrapPrefix 11 }
|
|
|
|
hpnicfIDSTrapPacketProcessDisorder NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hpnicfIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when packets processed
|
|
is in disorder. The hpnicfIDSTrapReasonForError object describes
|
|
reason for error."
|
|
::= { hpnicfIDSTrapPrefix 12 }
|
|
|
|
hpnicfIDSTrapCfgFileFormatError NOTIFICATION-TYPE
|
|
OBJECTS { hpnicfIDSTrapFileName, hpnicfIDSTrapCfgLineInFile }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When devices startup and load the configuration file,
|
|
if format error is found, this notification will be generated.
|
|
The hpnicfIDSTrapFileName object describes the name of
|
|
configuration file. The hpnicfIDSTrapCfgLineInFile object
|
|
describes the line number in the file."
|
|
::= { hpnicfIDSTrapPrefix 13 }
|
|
|
|
END
|