I have a Catalyst 6513 that I would like to have snmp report failed login attempts to the logging buffer when the maximum limit it reached. I have enabled all traps and the log does not pick this up. I notice on my older 6500's with CAT OS this is sent to the logging buffer (on the switch side). Does anyone know if this is possible with IOS? My current code version is Version 12.2(18)SXF7
There is an enhancement in recent versions of IOS that does what you want about logging failed attempts to login. This link should give you information to get you started:
[note] this is done with syslog and not with snmp, and the catalyst switch is doing it with syslog also and not snmp.