Ciscoworks LMS is receiving numerous SNMP authentication failure traps from scanning
activity performed by our network security group. Although LMS reports the trap in DFM's
history, it does not provide the varbind authAddr for us to know what the source IP
address of the authentication attempt.
Old versions of Ciscworks 2000 which we still have running do show the source IP address
in DFM's alert history.
How do we get the new LMS platforms to provide authAddr in the DFM alert so that we can
determine whether it's our own security staff or an intruder generating the failed SNMP
I am uncertain why the varbinds were taken out. You could talk to your account team, and tell them to create a Product Enhancement Request on your behalf requesting this feature be added back.