139 lines
4.1 KiB
Plaintext
139 lines
4.1 KiB
Plaintext
VISION-MIB DEFINITIONS ::= BEGIN
|
|
|
|
-- Title: RADWARE
|
|
-- Version: 0.1
|
|
-- Date: 21/11/2016
|
|
-- By: RMA (Radware MIB Authority)
|
|
-- E-mail: US: support@radware.com
|
|
-- International: support_int@radware.com
|
|
|
|
IMPORTS
|
|
OBJECT-TYPE,
|
|
Counter64
|
|
FROM SNMPv2-SMI
|
|
DisplayString
|
|
FROM RFC1213-MIB
|
|
TRAP-TYPE
|
|
FROM RFC-1215
|
|
OBJECT-GROUP
|
|
FROM SNMPv2-CONF
|
|
rndApplications
|
|
FROM RADWARE-MIB
|
|
;
|
|
|
|
-- Some MIB compilers require that the following 7 lines which define the path
|
|
-- to RND MIB are commented out:
|
|
|
|
-- mib OBJECT IDENTIFIER ::= { mgmt 1 }
|
|
-- directory OBJECT IDENTIFIER ::= { internet 1 }
|
|
-- experimental OBJECT IDENTIFIER ::= { internet 3 }
|
|
-- private OBJECT IDENTIFIER ::= { internet 4 }
|
|
-- enterprises OBJECT IDENTIFIER ::= { private 1 }
|
|
|
|
managment OBJECT IDENTIFIER ::= { rndApplications 10 }
|
|
alerts OBJECT IDENTIFIER ::= { managment 1 }
|
|
|
|
alertId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alert identifier. There is no value for events that are not SNMP traps."
|
|
::= { alerts 1 }
|
|
|
|
alertMessage OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of the event."
|
|
::= { alerts 2 }
|
|
|
|
alertUser OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The user who triggered the event. If no user is associated with the action, the user APSolute_Vision is displayed."
|
|
DEFVAL { "APSolute_Vision" }
|
|
::= { alerts 3 }
|
|
|
|
alertSeverity OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The severity of the alert."
|
|
::= { alerts 4 }
|
|
|
|
alertModule OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The source module of the event. Values: Vision Configuration, Vision General, Vision Control, Device General, Device Security, Security Reporting."
|
|
::= { alerts 5 }
|
|
|
|
alertCategory OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The attack category of the event."
|
|
::= { alerts 6 }
|
|
|
|
alertTimeString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time that event was triggered. The time format is according to the configuration on the APSolute Vision server."
|
|
::= { alerts 7 }
|
|
|
|
|
|
alertTimeMillis OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time that event was issued, in milliseconds since Epoch."
|
|
::= { alerts 8 }
|
|
|
|
alertSourceDeviceName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The values differ according to the alert type. For SNMP traps, the value is the name of the device that generated them.
|
|
For APSolute Vision auditing events, which have device context (configuration, monitoring), the value is the name of the device to which the event relates.
|
|
When the alert is generated by the APSolute Vision server, no device name is displayed."
|
|
DEFVAL { "" }
|
|
::= { alerts 9 }
|
|
|
|
alertSourceDeviceIp OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP address of the device to which the message relates. No value is provided for alerts generated by APSolute Vision."
|
|
DEFVAL { "" }
|
|
::= { alerts 10 }
|
|
|
|
-- Trap template
|
|
-- -------------
|
|
-- TRAP-TYPE
|
|
-- ENTERPRISE
|
|
-- VARIABLES { }
|
|
-- DESCRIPTION
|
|
-- ""
|
|
-- ::=
|
|
-- -------------
|
|
|
|
alertTrap TRAP-TYPE
|
|
ENTERPRISE alerts
|
|
VARIABLES { alertId, alertMessage, alertUser, alertSeverity, alertModule, alertCategory, alertTimeString, alertTimeMillis, alertSourceDeviceName, alertSourceDeviceIp }
|
|
DESCRIPTION
|
|
"The attributes in the alert."
|
|
::= 200
|
|
|
|
END |