Commit d72ad028 authored by Dmitry Volodin's avatar Dmitry Volodin
Browse files

required_mibs=[...] declaration fixes

parent b0eb3113
......@@ -29,7 +29,7 @@ class Cisco_IOS_DHCPD_Address_Conflict_SYSLOG_SNMP_Rule(ClassificationRule):
name="Cisco.IOS DHCPD Address Conflict SYSLOG SNMP"
event_class=DHCPDAddressConflict
preference=1000
require_mibs=["CISCO-SYSLOG-MIB"]
required_mibs=["CISCO-SYSLOG-MIB"]
patterns=[
(r"^source$",r"^SNMP Trap$"),
(r"^profile$",r"^Cisco\.IOS$"),
......
......@@ -28,6 +28,7 @@ class Cisco_IOS_Bad_DNS_Query_SYSLOG_SNMP_Rule(ClassificationRule):
name="Cisco.IOS Bad DNS Query SYSLOG SNMP"
event_class=BadDNSQuery
preference=1000
required_mibs=["CISCO-SYSLOG-MIB"]
patterns=[
(r"^profile$",r"^Cisco\.IOS$"),
(r"^1\.3\.6\.1\.4\.1\.9\.9\.41\.1\.2\.3\.1\.4\.\d+$",r"^BADQUERY$"),
......
......@@ -56,6 +56,7 @@ class Cisco_IOS_dot11_Max_Retries_SYSLOG_SNMP_Rule(ClassificationRule):
name="Cisco.IOS dot11 Max Retries SYSLOG SNMP"
event_class=Dot11MaxRetries
preference=1000
required_mibs=["CISCO-SYSLOG-MIB"]
patterns=[
(r"^profile$",r"^Cisco\.IOS$"),
(r"^source$",r"^SNMP Trap$"),
......@@ -81,10 +82,11 @@ class Cisco_IOS_Dot11_Deauthenticate_SYSLOG_Rule(ClassificationRule):
##
## Cisco.IOS WDS Auth Timeout SNMP
##
class Cisco_IOS_WDS_Auth_Timeout_SNMP_Rule(ClassificationRule):
name="Cisco.IOS WDS Auth Timeout SNMP"
class Cisco_IOS_WDS_Auth_Timeout_SYSLOG_SNMP_Rule(ClassificationRule):
name="Cisco.IOS WDS Auth Timeout SYSLOG SNMP"
event_class=WDSAuthenticationTimeout
preference=1000
required_mibs=["CISCO-SYSLOG-MIB"]
patterns=[
(r"^profile$",r"^Cisco\.IOS$"),
(r"^1\.3\.6\.1\.4\.1\.9\.9\.41\.1\.2\.3\.1\.4\.\d+$",r"^TIMEOUT$"),
......@@ -108,10 +110,11 @@ class Cisco_IOS_WDS_Auth_Timeout_SYSLOG_Rule(ClassificationRule):
##
## Cisco.IOS CCMP Replay SNMP
##
class Cisco_IOS_CCMP_Replay_SNMP_Rule(ClassificationRule):
name="Cisco.IOS CCMP Replay SNMP"
class Cisco_IOS_CCMP_Replay_SYSLOG_SNMP_Rule(ClassificationRule):
name="Cisco.IOS CCMP Replay SYSLOG SNMP"
event_class=CCMPReplay
preference=1000
required_mibs=["CISCO-SYSLOG-MIB"]
patterns=[
(r"^profile$",r"^Cisco\.IOS$"),
(r"^1\.3\.6\.1\.4\.1\.9\.9\.41\.1\.2\.3\.1\.5\.\d+$",r"^AES-CCMP TSC replay was detected on a packet \(TSC \S+\) received from (?P<raw_mac>\S+)\.$"),
......
......@@ -128,6 +128,7 @@ class Cisco_IOS_IPsec_Invalid_SPI_SYSLOG_SNMP_Rule(ClassificationRule):
name="Cisco.IOS IPsec Invalid SPI SYSLOG SNMP"
event_class=IPsecInvalidSPI
preference=1000
required_mibs=["CISCO-SYSLOG-MIB"]
patterns=[
(r"^profile$",r"^Cisco\.IOS$"),
(r"^source$",r"^SNMP Trap$"),
......
......@@ -16,6 +16,7 @@ class Cisco_IOS_Phone_Call_SNMP_Rule(ClassificationRule):
name="Cisco.IOS Phone Call SNMP"
event_class=PhoneCall
preference=1000
required_mibs=["DIAL-CONTROL-MIB"]
patterns=[
(r"^source$",r"^SNMP Trap$"),
(r"^profile$",r"^Cisco\.IOS$"),
......
......@@ -65,6 +65,7 @@ class Cisco_IOS_Login_Failed_SYSLOG_SNMP_Rule(ClassificationRule):
name="Cisco.IOS Login Failed SYSLOG SNMP"
event_class=LoginFailed
preference=1000
required_mibs=["CISCO-SYSLOG-MIB"]
patterns=[
(r"^profile$",r"^Cisco\.IOS$"),
(r"^1\.3\.6\.1\.4\.1\.9\.9\.41\.1\.2\.3\.1\.2\.\d+$",r"^SEC_LOGIN$"),
......
......@@ -40,6 +40,7 @@ class Force10_FTOS_Link_Up_SNMP_Rule(ClassificationRule):
name="Force10.FTOS Link Up SNMP"
event_class=LinkUp
preference=1000
required_mibs=["IF-MIB"]
patterns=[
(r"^profile$",r"^Force10\.FTOS$"),
(r"^1\.3\.6\.1\.6\.3\.1\.1\.4\.1\.0$",r"^1\.3\.6\.1\.6\.3\.1\.1\.5\.4$"),
......@@ -53,6 +54,7 @@ class Force10_FTOS_Link_Down_SNMP_Rule(ClassificationRule):
name="Force10.FTOS Link Down SNMP"
event_class=LinkDown
preference=1000
required_mibs=["IF-MIB"]
patterns=[
(r"^profile$",r"^Force10\.FTOS$"),
(r"^1\.3\.6\.1\.6\.3\.1\.1\.4\.1\.0$",r"^1\.3\.6\.1\.6\.3\.1\.1\.5\.3$"),
......
......@@ -14,6 +14,7 @@ class Linksys_SPS2xx_Link_Up_SNMP_Rule(ClassificationRule):
name="Linksys.SPS2xx Link Up SNMP"
event_class=LinkUp
preference=1000
required_mibs=["IF-MIB"]
patterns=[
(r"^source$", r"^SNMP Trap$"),
(r"^profile$", r"^Linksys\.SPS2xx$"),
......@@ -27,6 +28,7 @@ class Linksys_SPS2xx_Link_Down_SNMP_Rule(ClassificationRule):
name="Linksys.SPS2xx Link Down SNMP"
event_class=LinkDown
preference=1000
required_mibs=["IF-MIB"]
patterns=[
(r"^source$", r"^SNMP Trap$"),
(r"^profile$", r"^Linksys\.SPS2xx$"),
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment