Interpreting SNMP Trap Events

Answered Question
Jun 22nd, 2009

Hey everyone,

I'm currently receiving SNMP traps for important alerts from the IPS we have set up. The logs for these traps look something like this:

Ent Value 6: . signature is a Metacomponent

Ent Value 7: . Studio Msmask32.ocx ActiveX Buffer Overflow

Ent Value 8: .

First, how can I find out what strings like "Ent Value 8: ." mean? Is it important?

Second, what is the best way to interpret these traps? I'm assuming I need to write a custom script to gather the important details and do what I want with them?

Any pointers would be very helpful! I just want to know what I'm getting myself into. :)


Correct Answer by Farrukh Haroon about 7 years 3 months ago

You can look up OIDs at this tool:

There are many free/commercial SNMP trap collectors that would help you in this purpose. Scripting can get really involved sometimes, but of course if you are an expert at it, no need to pay money to achieve your desired objectives.



Overall Rating: 5 (1 ratings)
natehausrath Wed, 06/24/2009 - 06:07

Thanks Farrukh. That's what I was looking for.

Now to either find a good free parser, or figure out the simplest way to do this myself...
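
One way to start on the custom script discussed in this thread, as an added example that is not from the original posts: it parses "Ent Value" lines, names the OIDs it knows, and flags empty or unresolved varbinds instead of dropping them. The line layout, the OID-to-name table and the sample OIDs and values are assumptions constructed for illustration.

```python
import re

# Assumed layout of one logged varbind: "Ent Value <n>: <dotted OID> <value>".
# An OID reduced to "." (as in the excerpt in the question) is accepted too.
LINE_RE = re.compile(r"^Ent Value (\d+):\s*(\.(?:\d+(?:\.\d+)*)?)\s*(.*)$")

# Constructed OID-to-name table; these OIDs are placeholders, not from a real MIB.
# In practice, fill this from the vendor MIB or an OID lookup tool.
OID_NAMES = {
    ".1.3.6.1.4.1.99999.1.6": "sigDescription",
    ".1.3.6.1.4.1.99999.1.7": "sigName",
}

def parse_trap(lines, names=OID_NAMES):
    """Return one dict per varbind line; lines that do not match are skipped."""
    varbinds = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        index, oid, value = int(m.group(1)), m.group(2), m.group(3).strip()
        varbinds.append({
            "index": index,
            "oid": oid,
            "name": names.get(oid),   # None means the OID still needs a lookup
            "value": value,
            "empty": value == "",     # varbind present but carrying no data
        })
    return varbinds

def triage(varbinds):
    """Split varbinds into named fields, unresolved OIDs, and empty indexes."""
    fields = {v["name"]: v["value"] for v in varbinds if v["name"] and not v["empty"]}
    unresolved = [v["oid"] for v in varbinds if v["name"] is None and not v["empty"]]
    empty = [v["index"] for v in varbinds if v["empty"]]
    return fields, unresolved, empty

# Constructed sample modelled on the excerpt in the question.
SAMPLE = """\
Ent Value 6: .1.3.6.1.4.1.99999.1.6 signature is a Metacomponent
Ent Value 7: .1.3.6.1.4.1.99999.1.7 Studio Msmask32.ocx ActiveX Buffer Overflow
Ent Value 8: .1.3.6.1.4.1.99999.1.8
Ent Value 9: .1.3.6.1.4.1.99999.1.9 10.0.0.5
""".splitlines()

if __name__ == "__main__":
    print(triage(parse_trap(SAMPLE)))
```

Unresolved OIDs are the ones to look up and add to the table; empty indexes show which varbinds arrived without a value.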

