CISCO-CIDS-MIB MIB – Observium MIB Browser

CISCO-CIDS-MIB

        Cisco Intrusion Detection System MIB.  Provides
trap definitions for the evAlert and evError
elements of the IDIOM (Intrusion Detection and
Operations Messages) document and read support 
for the Intrusion Detection System (sensor) 
health information, such as if the sensor is
in a memory critical stage.

ciscoCidsMIB 1.3.6.1.4.1.9.9.383

Imported Objects

CISCO-SMI	ciscoMgmt
CISCO-TC	CiscoIpProtocol Unsigned64
IF-MIB	InterfaceIndex
SNMP-FRAMEWORK-MIB	SnmpAdminString
SNMPv2-CONF	MODULE-COMPLIANCE NOTIFICATION-GROUP OBJECT-GROUP
SNMPv2-SMI	Counter32 Gauge32 Integer32 MODULE-IDENTITY NOTIFICATION-TYPE OBJECT-IDENTITY OBJECT-TYPE TimeTicks Unsigned32
SNMPv2-TC	DateAndTime DisplayString TEXTUAL-CONVENTION TruthValue

Type Definitions (5)

CidsApplicationStatus	Enumeration	`notResponding(1)` `notRunning(2)` `processingTransaction(3)` `reconfiguring(4)` `running(5)` `starting(6)` `stopping(7)` `unknown(8)` `upgradeInprogress(9)`
CidsAttackRelevance	Enumeration	`relevant(1)` `notRelevant(2)` `unknown(3)`
CidsErrorCode	Enumeration	`errAuthenticationTokenExpired(1)` `errConfigCollision(2)` `errInUse(3)` `errInvalidDocument(4)` `errLimitExceeded(5)` `errNotAvailable(6)` `errNotFound(7)` `errNotSupported(8)` `errPermissionDenied(9)` `errSyslog(10)` `errSystemError(11)` `errTransport(12)` `errUnacceptableValue(13)` `errUnclassified(14)` `errWarning(15)` `errEngineBuildFailed(16)`
CidsHealthStatusColor	Enumeration	`green(1)` `yellow(2)` `red(3)`
CidsTargetValue	Enumeration	`zeroValue(1)` `low(2)` `medium(3)` `high(4)` `missionCritical(5)`

Objects (109)

ciscoCidsMIB		`.1.3.6.1.4.1.9.9.383`
ciscoCidsMIBNotifs		`.1.3.6.1.4.1.9.9.383.0`
ciscoCidsMIBObjects		`.1.3.6.1.4.1.9.9.383.1`
cidsGeneral		`.1.3.6.1.4.1.9.9.383.1.1`
cidsGeneralEventId	CISCO-TCUnsigned64	`.1.3.6.1.4.1.9.9.383.1.1.1`
cidsGeneralLocalTime	SNMPv2-TCDateAndTime	`.1.3.6.1.4.1.9.9.383.1.1.2`
cidsGeneralUTCTime	SNMPv2-TCDateAndTime	`.1.3.6.1.4.1.9.9.383.1.1.3`
cidsGeneralOriginatorHostId	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.1.4`
cidsGeneralOriginatorAppName	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.1.5`
cidsGeneralOriginatorAppId	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.1.6`
cidsNotificationsEnabled r/w	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.1.7`
cidsAlert		`.1.3.6.1.4.1.9.9.383.1.2`
cidsAlertSeverity	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.2.1`
cidsAlertSummaryFinal	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.10`
cidsAlertSummaryInitialAlert	CISCO-TCUnsigned64	`.1.3.6.1.4.1.9.9.383.1.2.11`
cidsAlertInterfaceGroup deprecated	Integer32	`.1.3.6.1.4.1.9.9.383.1.2.12`
cidsAlertVlan	Unsigned32	`.1.3.6.1.4.1.9.9.383.1.2.13`
cidsAlertVictimContext	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.2.14`
cidsAlertAttackerContext	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.2.15`
cidsAlertAttackerAddress	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.2.16`
cidsAlertVictimAddress	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.2.17`
cidsAlertIpLoggingActivated	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.18`
cidsAlertTcpResetSent	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.19`
cidsAlertAlarmTraits	Unsigned32	`.1.3.6.1.4.1.9.9.383.1.2.2`
cidsAlertShunRequested	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.20`
cidsAlertDetails	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.2.21`
cidsAlertIpLogId	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.2.22`
cidsThreatResponseStatus	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.2.23`
cidsThreatResponseSeverity	Integer32	`.1.3.6.1.4.1.9.9.383.1.2.24`
cidsAlertEventRiskRating	Unsigned32	`.1.3.6.1.4.1.9.9.383.1.2.25`
cidsAlertIfIndex	IF-MIBInterfaceIndex	`.1.3.6.1.4.1.9.9.383.1.2.26`
cidsAlertProtocol	CISCO-TCCiscoIpProtocol	`.1.3.6.1.4.1.9.9.383.1.2.27`
cidsAlertDeniedAttacker	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.28`
cidsAlertDeniedFlow	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.29`
cidsAlertSignature	OctetString	`.1.3.6.1.4.1.9.9.383.1.2.3`
cidsAlertDenyPacketReqNotPerf	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.30`
cidsAlertDenyFlowReqNotPerf	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.31`
cidsAlertDenyAttackerReqNotPerf	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.32`
cidsAlertBlockConnectionReq	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.33`
cidsAlertLogAttackerPacketsAct	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.34`
cidsAlertLogVictimPacketsAct	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.35`
cidsAlertLogPairPacketsActivated	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.36`
cidsAlertRateLimitRequested	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.37`
cidsAlertDeniedAttackVictimPair	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.38`
cidsAlertDeniedAttackSericePair	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.39`
cidsAlertSignatureSigName	OctetString	`.1.3.6.1.4.1.9.9.383.1.2.4`
cidsAlertDenyAttackVicReqNotPerf	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.40`
cidsAlertDenyAttackSerReqNotPerf	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.41`
cidsAlertThreatValueRating	Unsigned32	`.1.3.6.1.4.1.9.9.383.1.2.42`
cidsAlertRiskRatingTargetValue	CidsTargetValue	`.1.3.6.1.4.1.9.9.383.1.2.43`
cidsAlertRiskRatingRelevance	CidsAttackRelevance	`.1.3.6.1.4.1.9.9.383.1.2.44`
cidsAlertRiskRatingWatchList	Unsigned32	`.1.3.6.1.4.1.9.9.383.1.2.45`
cidsAlertDenyPacket	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.46`
cidsAlertBlockHost	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.47`
cidsAlertTcpOneWayResetSent	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.2.48`
cidsAlertVirtualSensor	OctetString	`.1.3.6.1.4.1.9.9.383.1.2.49`
cidsAlertSignatureSigId	Unsigned32	`.1.3.6.1.4.1.9.9.383.1.2.5`
cidsAlertSignatureSubSigId	Unsigned32	`.1.3.6.1.4.1.9.9.383.1.2.6`
cidsAlertSignatureVersion	OctetString	`.1.3.6.1.4.1.9.9.383.1.2.7`
cidsAlertSummary	Unsigned32	`.1.3.6.1.4.1.9.9.383.1.2.8`
cidsAlertSummaryType	OctetString	`.1.3.6.1.4.1.9.9.383.1.2.9`
cidsError		`.1.3.6.1.4.1.9.9.383.1.3`
cidsErrorSeverity	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.3.1`
cidsErrorName	CidsErrorCode	`.1.3.6.1.4.1.9.9.383.1.3.2`
cidsErrorMessage	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.3.3`
cidsHealth		`.1.3.6.1.4.1.9.9.383.1.4`
cidsHealthPacketLoss	percentInteger32	`.1.3.6.1.4.1.9.9.383.1.4.1`
cidsHealthActiveNodes	SNMPv2-SMIGauge32	`.1.3.6.1.4.1.9.9.383.1.4.10`
cidsHealthTcpDualIpAndPorts	SNMPv2-SMIGauge32	`.1.3.6.1.4.1.9.9.383.1.4.11`
cidsHealthUdpDualIpAndPorts	SNMPv2-SMIGauge32	`.1.3.6.1.4.1.9.9.383.1.4.12`
cidsHealthIpDualIp	SNMPv2-SMIGauge32	`.1.3.6.1.4.1.9.9.383.1.4.13`
cidsHealthIsSensorMemoryCritical	Unsigned32	`.1.3.6.1.4.1.9.9.383.1.4.14`
cidsHealthIsSensorActive	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.4.15`
cidsHealthCommandAndControlPort	SNMP-FRAMEWORK-MIBSnmpAdminString	`.1.3.6.1.4.1.9.9.383.1.4.16`
cidsHealthSensorStatsResetTime	SNMPv2-SMITimeTicks	`.1.3.6.1.4.1.9.9.383.1.4.17`
cidsHealthSecMonAvailability	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.4.18`
cidsHealthSecMonOverallHealth	CidsHealthStatusColor	`.1.3.6.1.4.1.9.9.383.1.4.19`
cidsHealthPacketDenialRate	percentInteger32	`.1.3.6.1.4.1.9.9.383.1.4.2`
cidsHealthSecMonSoftwareVersion	OctetString	`.1.3.6.1.4.1.9.9.383.1.4.20`
cidsHealthSecMonSignatureVersion	OctetString	`.1.3.6.1.4.1.9.9.383.1.4.21`
cidsHealthSecMonLicenseStatus	OctetString	`.1.3.6.1.4.1.9.9.383.1.4.22`
cidsHealthSecMonOverallAppColor	CidsHealthStatusColor	`.1.3.6.1.4.1.9.9.383.1.4.23`
cidsHealthSecMonMainAppStatus	CidsApplicationStatus	`.1.3.6.1.4.1.9.9.383.1.4.24`
cidsHealthSecMonAnalysisEngineStatus	CidsApplicationStatus	`.1.3.6.1.4.1.9.9.383.1.4.25`
cidsHealthSecMonCollaborationAppStatus	CidsApplicationStatus	`.1.3.6.1.4.1.9.9.383.1.4.26`
cidsHealthSecMonByPassMode	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.383.1.4.27`
cidsHealthSecMonMissedPktPctAndThresh	OctetString	`.1.3.6.1.4.1.9.9.383.1.4.28`
cidsHealthSecMonAnalysisEngMemPercent	percentInteger32	`.1.3.6.1.4.1.9.9.383.1.4.29`
cidsHealthAlarmsGenerated	SNMPv2-SMICounter32	`.1.3.6.1.4.1.9.9.383.1.4.3`
cidsHealthSecMonSensorLoad	Integer32	`.1.3.6.1.4.1.9.9.383.1.4.30`
cidsHealthSecMonSensorLoadColor	CidsHealthStatusColor	`.1.3.6.1.4.1.9.9.383.1.4.31`
cidsHealthSecMonVirtSensorStatusTable		`.1.3.6.1.4.1.9.9.383.1.4.32`
cidsHealthSecMonVirtSensorStatusEntry	cidsHealthSecMonVirtSensorName	`.1.3.6.1.4.1.9.9.383.1.4.32.1`
cidsHealthSecMonVirtSensorName	OctetString	`.1.3.6.1.4.1.9.9.383.1.4.32.1.1`
cidsHealthSecMonVirtSensorStatus	CidsHealthStatusColor	`.1.3.6.1.4.1.9.9.383.1.4.32.1.2`
cidsHealthSecMonDataStorageTable		`.1.3.6.1.4.1.9.9.383.1.4.33`
cidsHealthSecMonDataStorageEntry	cidsHealthSecMonPartitionName	`.1.3.6.1.4.1.9.9.383.1.4.33.1`
cidsHealthSecMonPartitionName	OctetString	`.1.3.6.1.4.1.9.9.383.1.4.33.1.1`
cidsHealthSecMonTotalPartitionSpace	MBUnsigned32	`.1.3.6.1.4.1.9.9.383.1.4.33.1.2`
cidsHealthSecMonUtilizedPartitionSpace	MBUnsigned32	`.1.3.6.1.4.1.9.9.383.1.4.33.1.3`
cidsHealthFragmentsInFRU	SNMPv2-SMIGauge32	`.1.3.6.1.4.1.9.9.383.1.4.4`
cidsHealthDatagramsInFRU	SNMPv2-SMIGauge32	`.1.3.6.1.4.1.9.9.383.1.4.5`
cidsHealthTcpEmbryonicStreams	SNMPv2-SMIGauge32	`.1.3.6.1.4.1.9.9.383.1.4.6`
cidsHealthTCPEstablishedStreams	SNMPv2-SMIGauge32	`.1.3.6.1.4.1.9.9.383.1.4.7`
cidsHealthTcpClosingStreams	SNMPv2-SMIGauge32	`.1.3.6.1.4.1.9.9.383.1.4.8`
cidsHealthTcpStreams	SNMPv2-SMIGauge32	`.1.3.6.1.4.1.9.9.383.1.4.9`
ciscoCidsMIBConform		`.1.3.6.1.4.1.9.9.383.2`
ciscoCidsMIBCompliances		`.1.3.6.1.4.1.9.9.383.2.1`
ciscoCidsMIBGroups		`.1.3.6.1.4.1.9.9.383.2.2`

Notifications / Traps (4)

Name	OID	Description
ciscoCidsAlert cidsGeneralEventId cidsGeneralLocalTime cidsGeneralUTCTime cidsGeneralOriginatorHostId cidsAlertSeverity cidsAlertSignatureSigName cidsAlertSignatureSigId cidsAlertSignatureSubSigId cidsAlertAlarmTraits cidsAlertAttackerAddress cidsAlertVictimAddress	`.1.3.6.1.4.1.9.9.383.0.1`	Event indicating that some suspicious or malicious activity has been detected on a monitored network.
ciscoCidsError cidsGeneralEventId cidsGeneralLocalTime cidsGeneralUTCTime cidsGeneralOriginatorHostId cidsErrorSeverity cidsErrorName cidsErrorMessage	`.1.3.6.1.4.1.9.9.383.0.2`	Event indicating that an error has occurred.
ciscoCidsHealthHeartBeat cidsGeneralEventId cidsGeneralOriginatorHostId cidsGeneralLocalTime cidsGeneralUTCTime cidsHealthSecMonOverallAppColor cidsHealthSecMonSensorLoadColor cidsHealthSecMonOverallHealth	`.1.3.6.1.4.1.9.9.383.0.3`	This notification is triggered by the heart beat events (evStatus). The heartbeat is configured to run on a periodic basis and can be enabled/disabled through heart beat configuration under the health service. If the heart beat is disabled these notification events will not be sent. This notification is supposed to mirror the heart beat evStatus message however it is a subset of the most critical pieces of data. Namely this will include the following pieces of data: - Event ID - Host ID - Local Time - UTC Time - Overall Application Color - Sensor/Inspection Load Color - Overall Health
ciscoCidsHealthMetricChange cidsGeneralEventId cidsGeneralOriginatorHostId cidsGeneralLocalTime cidsGeneralUTCTime cidsHealthSecMonOverallAppColor cidsHealthSecMonSensorLoadColor cidsHealthSecMonOverallHealth	`.1.3.6.1.4.1.9.9.383.0.4`	This notification notifies the recipient of health and security status changes. This notification is triggered when there is a change in the value of monitored metrics as indicated by evStatus message. This notification will include the following important subset of attributes from evStatus message: - Event ID - Host ID - Local Time - UTC Time - Overall Application Color - Sensor/Inspection Load Color - Overall Health This is similar to the heart beat, however the triggering condition is different. The heart beat fires on a regular interval and this is sent immediately after a change in a monitored metric. Metric change notifications can be enabled while the heart beat is disabled.