Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
312
Views
0
Helpful
1
Replies

SyslogMIB - Facility codes ? IDS , FW , LINK ..

ngolden
Level 1
Level 1

‎09-17-2003 04:19 AM - edited ‎03-09-2019 04:49 AM

Hello All,

I have compiled this mib ( cisco-syslog-mib ) and when I get the trap, it does not show the right value for "clogHistFacility".

The weird part is that it was working before.

In the main time I need to find out the facility codes for IDS, FW , LINK , etc. Because the management systems has stored the traps in the database wrongly formatted.

TRAP

-------------------------------------------------

Enterprise OID: .1.3.6.1.4.1.9.9.41.2

Ip Address: PIX

Generic: enterpriseSpecific -- 6

Specific: 1

TimeStamp: 484 hours 4 minutes 3 seconds

OID: .1.3.6.1.4.1.9.9.41.2.0.1 - clogMessageGenerated

Message: Cisco SYSLOG Message: $1 $2, $3 $4

MessageParsed: Cisco SYSLOG Message: 20 warning, Syslog Trap 400011: IDS:2001 IC

MP unreachable from 63.110.176.250 to 65.106.173.226 on interface outside

clogHistFacility.0: 20 <<<<<<<<<<<<<<<< WHY AM I GETTING 20 ?? IT SHOULD SAY 'SYS'

clogHistSeverity.0: warning

clogHistMsgName.0: Syslog Trap

clogHistMsgText.0: 400011: IDS:2001 ICMP unreachable from 63.110.176.250 to 65.1

06.173.226 on interface outside

clogHistTimestamp.0: 603761000

Labels:
0 Helpful
1 Reply 1

ngolden
Level 1
Level 1

‎09-17-2003 05:35 AM

here I found a list of all facilities, but id doesn't show the numeric code.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/products_system_message_guide_chapter09186a0080080f07.html

0 Helpful
Customers Also Viewed These Support Documents