WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/bluecoat/BLUECOAT-CAS-MIB

605 lines
20 KiB
Plaintext
Raw Blame History

BLUECOAT-CAS-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY,OBJECT-TYPE,NOTIFICATION-TYPE, Counter32,
Gauge32 FROM SNMPv2-SMI
DisplayString,DateAndTime
FROM SNMPv2-TC
bcsi
FROM BCSI-MIB;
blueCoatCasMib MODULE-IDENTITY
LAST-UPDATED "201310111500Z"
ORGANIZATION "Blue Coat Systems, Inc."
CONTACT-INFO
"support@bluecoat.com"
DESCRIPTION
"The CAS MIB is used to monitor
Content Analysis System related info."
::= { bcsi 8 }
blueCoatCasMibObjects
OBJECT IDENTIFIER ::= { blueCoatCasMib 1 }
blueCoatCasMibNotificationObjects
OBJECT IDENTIFIER ::= { blueCoatCasMib 2 }
blueCoatCasMibNotifications
OBJECT IDENTIFIER ::= { blueCoatCasMib 3 }
-----------------------------------------------------------------------------------
casLicenseDaysRemaining OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Content Analysis System license days remaining."
::= { blueCoatCasMibObjects 1 }
casPublishedFirmwareVersion OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Content Analysis System version published on the automatic update location."
::= { blueCoatCasMibObjects 2 }
casInstalledFirmwareVersion OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Currently installed Content Analysis System firmware version."
::= { blueCoatCasMibObjects 3 }
--
-- AntiVirusEngineStatusTable
--
casAntiVirusEngineStatusTable OBJECT-TYPE
SYNTAX SEQUENCE OF casAntiVirusEngineStatusEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Table of anti-virus engines and their statuses that
are enabled on this Content Analysis System Appliance."
::= { blueCoatCasMibObjects 4 }
casAntiVirusEngineStatusEntry OBJECT-TYPE
SYNTAX CasAntiVirusEngineStatusEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Entry in the AntiVirus Engine Status Table"
INDEX { casAvStatusIndex }
::= { casAntiVirusEngineStatusTable 1 }
CasAntiVirusEngineStatusEntry ::= SEQUENCE {
casAvStatusIndex Counter32,
casAvVendorName DisplayString,
casAvEngineVersion DisplayString,
casAvPatternVersion DisplayString,
casAvPatternDateTime DateAndTime,
casAvSubscriptionDaysRemaining INTEGER
}
casAvStatusIndex OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION "Unique row identifier"
::= { casAntiVirusEngineStatusEntry 1 }
casAvVendorName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"AntiVirus vendor name."
::= { casAntiVirusEngineStatusEntry 2 }
casAvEngineVersion OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"AV engine version."
::= { casAntiVirusEngineStatusEntry 3 }
casAvPatternVersion OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"AV pattern version."
::= { casAntiVirusEngineStatusEntry 4 }
casAvPatternDateTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Release date and time of the av pattern."
::= { casAntiVirusEngineStatusEntry 5 }
casAvSubscriptionDaysRemaining OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Subscription days remaining for the AV engine."
::= { casAntiVirusEngineStatusEntry 6 }
--
-- End AntiVirusEngineStatusTable
--
casFilesScanned OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Sum of number of files scanned using all protocols.
An archive containing multiple files will count as
one file."
::= { blueCoatCasMibObjects 5 }
casVirusesDetected OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Sum of number of infected files detected using all
protocols. A file containing multiple infections will
count as one infected file."
::= { blueCoatCasMibObjects 6 }
casSlowICAPConnections OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of ICAP connections that are considered 'slow' -
receiving data for more than the configured time threshold
(by default 60 seconds)."
::= { blueCoatCasMibObjects 7 }
casICAPFilesScanned OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of files scanned using the ICAP protocol.
An archive containing multiple files will count as
one file."
::= { blueCoatCasMibObjects 8 }
casICAPVirusesDetected OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of infected files detected using the ICAP
protocol. A file containing multiple infections will
count as one infected file."
::= { blueCoatCasMibObjects 9 }
casSecureICAPFilesScanned OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of files scanned using the Secure ICAP protocol.
An archive containing multiple files will count as
one file."
::= { blueCoatCasMibObjects 10 }
casSecureICAPVirusesDetected OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of infected files detected using the Secure ICAP
protocol. A file containing multiple infections will
count as one infected file."
::= { blueCoatCasMibObjects 11 }
casCacheHits OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of files served from the internal AV cache."
::= { blueCoatCasMibObjects 12 }
casConnections OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of ICAP clients currently connected."
::= { blueCoatCasMibObjects 13 }
casBytesScanned OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of bytes scanned by CAS."
::= { blueCoatCasMibObjects 14 }
-----------------------------------------------------------------------------------
casUpdateFailureReason OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The reason why the av engine/pattern or CAS firmware update failed."
::= { blueCoatCasMibNotificationObjects 1 }
casUrl OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The URL for use in notifications."
::= { blueCoatCasMibNotificationObjects 2 }
avVirusName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The name of the infection found."
::= { blueCoatCasMibNotificationObjects 3 }
avVirusDetails OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"More details about the infection found."
::= { blueCoatCasMibNotificationObjects 4 }
avErrorCode OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Error code identifying the scan exception, like max_file_size_exceeded."
::= { blueCoatCasMibNotificationObjects 5 }
avErrorDetails OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"More details about the scan exception."
::= { blueCoatCasMibNotificationObjects 6 }
casPreviousFirmwareVersion OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The firmware version before the firmware update."
::= { blueCoatCasMibNotificationObjects 7 }
casICTMWarningReason OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The reason of the Intelligent Connection Traffic Monitoring warning."
::= { blueCoatCasMibNotificationObjects 8 }
casTestAlertText OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Test alert text."
::= { blueCoatCasMibNotificationObjects 11 }
casSandboxRiskScore OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Sandboxing risk score."
::= { blueCoatCasMibNotificationObjects 12 }
casSandboxReportURL OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Sandboxing report URL."
::= { blueCoatCasMibNotificationObjects 13 }
casSandboxVendor OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Sandboxing vendor."
::= { blueCoatCasMibNotificationObjects 14 }
casSandboxFireEyeReportURL OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Sandboxing FireEye report URL."
::= { blueCoatCasMibNotificationObjects 15 }
casWhitelistingScore OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Whitelisting score."
::= { blueCoatCasMibNotificationObjects 16 }
casStaticAnalysisScore OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Static Analysis score."
::= { blueCoatCasMibNotificationObjects 17 }
casStaticAnalysisEngineVersion OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Static Analysis Engine Version."
::= { blueCoatCasMibNotificationObjects 18 }
casStaticAnalysisPatternVersion OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Static Analysis Pattern Version."
::= { blueCoatCasMibNotificationObjects 19 }
casStaticAnalysisDetails OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Static Analysis Details."
::= { blueCoatCasMibNotificationObjects 20 }
casServiceResourceURL OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"URL of the service CAS trying to reach."
::= { blueCoatCasMibNotificationObjects 21 }
casTo OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The recipients of an email."
::= { blueCoatCasMibNotificationObjects 22 }
casFrom OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The sender of an email."
::= { blueCoatCasMibNotificationObjects 23 }
casSubject OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The subject of an email."
::= { blueCoatCasMibNotificationObjects 24 }
casReason OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The reason an action was taken"
::= { blueCoatCasMibNotificationObjects 25 }
casCounterTackUrl OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The URL for querying CounterTack"
::= { blueCoatCasMibNotificationObjects 26 }
casCounterTackDetails OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The results of a CounterTack query"
::= { blueCoatCasMibNotificationObjects 27 }
-----------------------------------------------------------------------------------
casAntivirusUpdateSuccess NOTIFICATION-TYPE
OBJECTS { casAvVendorName, casAvEngineVersion, casAvPatternVersion, casAvPatternDateTime }
STATUS current
DESCRIPTION
"Successful av engine/pattern update."
::= { blueCoatCasMibNotifications 1 }
casAntivirusUpdateFailed NOTIFICATION-TYPE
OBJECTS { casUpdateFailureReason, casAvVendorName, casAvEngineVersion, casAvPatternVersion, casAvPatternDateTime }
STATUS current
DESCRIPTION
"Av engine/pattern update failed, casUpdateFailureReason provides more details."
::= { blueCoatCasMibNotifications 2 }
casVirusDetected NOTIFICATION-TYPE
OBJECTS { casUrl, avVirusName, avVirusDetails }
STATUS current
DESCRIPTION
"Infected file detected at casUrl."
::= { blueCoatCasMibNotifications 3 }
casFileServed NOTIFICATION-TYPE
OBJECTS { casUrl, avErrorCode, avErrorDetails }
STATUS current
DESCRIPTION
"File served without scanning. It could not be scanned completely due to a scan exception."
::= { blueCoatCasMibNotifications 4 }
casFileBlocked NOTIFICATION-TYPE
OBJECTS { casUrl, avErrorCode, avErrorDetails }
STATUS current
DESCRIPTION
"File blocked. It could not be scanned completely due to a scan exception."
::= { blueCoatCasMibNotifications 5 }
casNewFirmwareAvailable NOTIFICATION-TYPE
OBJECTS { casInstalledFirmwareVersion, casPublishedFirmwareVersion }
STATUS current
DESCRIPTION
"New firmware version published at the Blue Coat download location."
::= { blueCoatCasMibNotifications 6 }
casFirmwareUpdateSuccess NOTIFICATION-TYPE
OBJECTS { casPreviousFirmwareVersion, casInstalledFirmwareVersion }
STATUS current
DESCRIPTION
"Firmware update completed successfully."
::= { blueCoatCasMibNotifications 7 }
casFirmwareUpdateFailed NOTIFICATION-TYPE
OBJECTS { casInstalledFirmwareVersion, casPublishedFirmwareVersion, casUpdateFailureReason }
STATUS current
DESCRIPTION
"Firmware update failed."
::= { blueCoatCasMibNotifications 8 }
casLicenseWarning NOTIFICATION-TYPE
OBJECTS { casLicenseDaysRemaining }
STATUS current
DESCRIPTION
"The antivirus license is about to expire."
::= { blueCoatCasMibNotifications 9 }
casICTMWarning NOTIFICATION-TYPE
OBJECTS { casICTMWarningReason, casSlowICAPConnections }
STATUS current
DESCRIPTION
"The warning from the Intelligent Connection Traffic Monitoring
feature that the number of 'slow' connections has crossed the
threshold value."
::= { blueCoatCasMibNotifications 10 }
casTestAlert NOTIFICATION-TYPE
OBJECTS { casTestAlertText }
STATUS current
DESCRIPTION
"A test alert."
::= { blueCoatCasMibNotifications 11 }
casLicenseUpdateSuccessful NOTIFICATION-TYPE
OBJECTS { casLicenseDaysRemaining }
STATUS current
DESCRIPTION
"License update was successful."
::= { blueCoatCasMibNotifications 13 }
casLicenseUpdateFailed NOTIFICATION-TYPE
OBJECTS { casLicenseDaysRemaining, casUpdateFailureReason }
STATUS current
DESCRIPTION
"License update failed."
::= { blueCoatCasMibNotifications 14 }
casRebooted NOTIFICATION-TYPE
STATUS current
DESCRIPTION "CAS Rebooted"
::= { blueCoatCasMibNotifications 15 }
casSandboxResult NOTIFICATION-TYPE
OBJECTS { casUrl, casSandboxVendor, casSandboxRiskScore, casSandboxReportURL, casSandboxFireEyeReportURL, casCounterTackURL, casCounterTackDetails }
STATUS current
DESCRIPTION
"Sandbox result"
::= { blueCoatCasMibNotifications 16 }
casWhitelistingThreat NOTIFICATION-TYPE
OBJECTS { casUrl, casWhitelistingScore }
STATUS current
DESCRIPTION
"Threat detected at casUrl using whitelisting."
::= { blueCoatCasMibNotifications 17 }
casSandboxingThreat NOTIFICATION-TYPE
OBJECTS { casUrl, casSandboxReportURL, casSandboxFireEyeReportURL }
STATUS current
DESCRIPTION
"Threat detected at casUrl using Sandboxing."
::= { blueCoatCasMibNotifications 18 }
casStaticAnalysisThreat NOTIFICATION-TYPE
OBJECTS { casUrl, casStaticAnalysisScore, casStaticAnalysisEngineVersion, casStaticAnalysisPatternVersion, casStaticAnalysisDetails }
STATUS current
DESCRIPTION
"Threat detected at casUrl using StaticAnalysis."
::= { blueCoatCasMibNotifications 19 }
casURLUnreachable NOTIFICATION-TYPE
OBJECTS { casServiceResourceURL }
STATUS current
DESCRIPTION
"CAS is not able to reach URL."
::= { blueCoatCasMibNotifications 20 }
casURLReachable NOTIFICATION-TYPE
OBJECTS { casServiceResourceURL }
STATUS current
DESCRIPTION
"URL is now reachable."
::= { blueCoatCasMibNotifications 21 }
casEmailMaliciousBlocked NOTIFICATION-TYPE
OBJECTS { casTo, casFrom, casSubject, casReason }
STATUS current
DESCRIPTION
"Infected file detected and blocked in email"
::= { blueCoatCasMibNotifications 22 }
casEmailMaliciousServed NOTIFICATION-TYPE
OBJECTS { casTo, casFrom, casSubject, casReason }
STATUS current
DESCRIPTION
"Infected file detected in served email"
::= { blueCoatCasMibNotifications 23 }
casEmailOtherBlocked NOTIFICATION-TYPE
OBJECTS { casTo, casFrom, casSubject, casReason }
STATUS current
DESCRIPTION
"Exception in file scanned and blocked from email"
::= { blueCoatCasMibNotifications 24 }
casEmailOtherServed NOTIFICATION-TYPE
OBJECTS { casTo, casFrom, casSubject, casReason }
STATUS current
DESCRIPTION
"Exception in file scanned and served from email"
::= { blueCoatCasMibNotifications 25 }
END
View Git Blame Copy Permalink