I just included my first router within the reporting devices and decided to take a look at the raw events coming in to the MARS. To my surprise I see just two types of events :
- Generic IOS syslog
- Unknown Device Event Type
This second one looks like SNMP because every message begins with "SNMPv2-SMI::enterprises." and seems to contain OIDs and data. Is this normal or am I having some kind of problem? The syslog messages seem to be interpreted correctly; in fact they generated a few incidents when there were some problems on one of the interfaces. I'm worried that the SNMP messages (traps?) are not being understood.
Thanks for your help,