mibs/MIBS/bluecoat/BLUECOAT-SG-ATTACK-MIB

126 lines
4.0 KiB
Plaintext
Raw Permalink Normal View History

2023-12-05 12:25:34 +01:00
BLUECOAT-SG-ATTACK-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Integer32
FROM SNMPv2-SMI
TEXTUAL-CONVENTION, TimeStamp, DisplayString
FROM SNMPv2-TC
blueCoatMgmt
FROM BLUECOAT-MIB;
deviceAttackMIB MODULE-IDENTITY
LAST-UPDATED "200711050300Z"
ORGANIZATION "Blue Coat Systems, Inc."
CONTACT-INFO "support.services@bluecoat.com
http://www.bluecoat.com"
DESCRIPTION "The Blue Coat Attack MIB is used to monitor
possible protocol attacks by hackers."
REVISION "200711050300Z"
DESCRIPTION "Minor corrections and reformatting."
REVISION "200211060300Z"
DESCRIPTION "Initial revision of this MIB."
::= { blueCoatMgmt 3 }
deviceAttackMIBObjects
OBJECT IDENTIFIER ::= { deviceAttackMIB 1 }
deviceAttackMIBNotifications
OBJECT IDENTIFIER ::= { deviceAttackMIB 2 }
deviceAttackMIBNotificationsPrefix
OBJECT IDENTIFIER ::= { deviceAttackMIBNotifications 0 }
-- textual conventions
AttackStatus ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION "Indicates the status of the attack.
noAttack(1) - no attack.
underAttack(2) - attack in progress."
SYNTAX INTEGER {
noAttack(1),
underAttack(2)
}
--
-- MIB variables
--
deviceAttackValues
OBJECT IDENTIFIER ::= { deviceAttackMIBObjects 1 }
--
-- deviceAttackTable
--
deviceAttackTable OBJECT-TYPE
SYNTAX SEQUENCE OF DeviceAttackEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This table lists the various attacks that are
detected."
::= { deviceAttackValues 1 }
deviceAttackEntry OBJECT-TYPE
SYNTAX DeviceAttackEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "A deviceAttack entry describes the
present state of an attack."
INDEX { deviceAttackIndex }
::= { deviceAttackTable 1 }
DeviceAttackEntry ::= SEQUENCE {
deviceAttackIndex INTEGER,
deviceAttackName DisplayString,
deviceAttackStatus AttackStatus,
deviceAttackTime TimeStamp
}
deviceAttackIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "An arbitrary value which uniquely identifies an attack."
::= { deviceAttackEntry 1 }
deviceAttackName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The textual name of the attack i.e. SYN Flood."
::= { deviceAttackEntry 2 }
deviceAttackStatus OBJECT-TYPE
SYNTAX AttackStatus
MAX-ACCESS read-only
STATUS current
DESCRIPTION "noAttack(1) not under attack, underAttack(2) attack in progress.
The default start-up value is noAttack(1)."
::= { deviceAttackEntry 3 }
deviceAttackTime OBJECT-TYPE
SYNTAX TimeStamp
UNITS "Hundredths of seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The value of 'sysUpTime.0' at the time of the attack."
::= { deviceAttackEntry 4 }
--
-- notifications
--
deviceAttackTrap NOTIFICATION-TYPE
OBJECTS { deviceAttackName, deviceAttackStatus }
STATUS current
DESCRIPTION "At the start of an attack a notification is
generated with 'deviceAttackStatus = underAttack(2)'.
At the end of an attack a notification is generated with
'deviceAttackStatus = noAttack(1)'."
::= { deviceAttackMIBNotificationsPrefix 1 }
END