CidsErrorCode |
|
An enumerated value which identifies the general
category of error that occurred.
errAuthenticationTokenExpired
The requested action could not be carried out
because the requestor has provided an
authentication token (e.g. password) that has
expired.
errConfigCollision
The value of the config-token request
parameter in a setComponentConfig control
transaction request does not match the
current configuration document on the target
host. Typically this indicates that the
configuration on the target host has been
modified by another user.
errInUse
The requested action could not be completed
because it requires access to a resource
that is in use.
errInvalidDocument
The request contained a document that was
not well-formed, contained an incorrect root
element, or contained additional elements or
attributes that are not permitted by the lax
IDIOM schema.
errLimitExceeded
The requested action could not be completed
because it would create a resource that
would exceed a system resource limit.
errNotAvailable
The requested action is supported but cannot
be performed due to the current
configuration of the target host.
errNotFound
A resource specified in the request does
not exist.
errNotSupported
The requested action is not supported on
the target host.
errPermissionDenied
The requestor does not have a sufficiently
high authorization level to perform the
requested action.
errSyslog
Used to convey messages of interest from
the host system's syslog.
errSystemError
A system error occurred, such as an
out-of-memory condition, disk access error,
etc.
errTransport
The requested action could not be carried
out because of a communications failure
with another host that is involved in the
action.
errUnacceptableValue
The request document was valid but
contained one or more values that could
not be accepted because they either:
(1) conflict with other values in the same
document or (2) are not acceptable due to
the current state of the system.
errUnclassified
Used to convey an unclassified error
condition.
errWarning
Used to convey a software warning
condition detected by an application
running on the host system.
errEngineBuildFailed
The system failed to build an intrusion
detection engine. |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
errAuthenticationTokenExpired(1), errConfigCollision(2), errInUse(3), errInvalidDocument(4), errLimitExceeded(5), errNotAvailable(6), errNotFound(7), errNotSupported(8), errPermissionDenied(9), errSyslog(10), errSystemError(11), errTransport(12), errUnacceptableValue(13), errUnclassified(14), errWarning(15), errEngineBuildFailed(16) |
|
CidsHealthSecMonVirtSensorStatusEntry |
|
SEQUENCE |
|
|
|
|
cidsHealthSecMonVirtSensorName |
DisplayString |
|
|
cidsHealthSecMonVirtSensorStatus |
CidsHealthStatusColor |
|
CidsHealthSecMonDataStorageEntry |
|
SEQUENCE |
|
|
|
|
cidsHealthSecMonPartitionName |
DisplayString |
|
|
cidsHealthSecMonTotalPartitionSpace |
Unsigned32 |
|
|
cidsHealthSecMonUtilizedPartitionSpace |
Unsigned32 |
|
cidsAlertVictimContext |
1.3.6.1.4.1.9.9.383.1.2.14 |
Optional Base64-encoded representation of the stream
data that was sourced by the victim. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
SnmpAdminString |
|
|
cidsAlertAttackerContext |
1.3.6.1.4.1.9.9.383.1.2.15 |
Optional Base64-encoded representation of the stream
data that was sourced by the Attacker. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
SnmpAdminString |
|
|
cidsHealthSecMonMainAppStatus |
1.3.6.1.4.1.9.9.383.1.4.24 |
This object indicates the running status for the control plane.
This object is instantiated only if the value of
cidsHealthSecMonAvailability is set to 'true'. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
CidsApplicationStatus |
|
|
cidsHealthSecMonVirtSensorStatusEntry |
1.3.6.1.4.1.9.9.383.1.4.32.1 |
An entry (conceptual row) in the
cidsHealthSecMonVirtSensorStatusTable. There will be one per
virtual sensor on the system.
A virtual sensor allows one to logically separate their sensor
configuration for different sets of interfaces. For example
virtual sensor vs0 may apply to one set of interfaces and vs1
would apply to another set of interfaces. This table allows
someone to get the status of each of the virtual sensors to
determine the health of the associated networks.
For example you could have vs0 monitoring your finance networks
and vs1 monitoring your engineering networks and track the
health of each of these networks independently. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CidsHealthSecMonVirtSensorStatusEntry |
|
|
cidsHealthSecMonDataStorageEntry |
1.3.6.1.4.1.9.9.383.1.4.33.1 |
An entry (conceptual row) in the
cidsHealthSecMonDataStorageTable.
There will be one row per partition.
This table is here to track the health of the storage on the
IPS sensor. The following partitions will have their status
displayed as part of the data storage table:
system
This is the root file system on the sensor; this file system
should not change too much over time and should not be full.
application-data
This is the main file system where application binaries,
application logs and configuration data is stored. This file
system will change due to logging and configuration changes; if
this file system is full it will present stability problems.
This partition is the most important in the system to monitor.
boot
Kernel/boot data storage partition; this should not change
much other than during an image upgrade.
application-log
This partition has fixed sized files to store IPLOG data.
This will likely run near full capacity without being a
problem.
The most important partition to monitor over time is the
application-data partition; if it runs to capacity problems
will occur as processes will no longer be able to write data to
the file system.
Note: File system setup and utilization will vary per platform
model; there are no perfect rules for monitoring these across
all platforms however you should be able to use trends over
time to indicate if you are going to fill up a file system that
should not run at capacity such as the application-data
partition. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CidsHealthSecMonDataStorageEntry |
|
|