cidsAlertDenyAttackerReqNotPerf
CISCO-CIDS-MIB ·
.1.3.6.1.4.1.9.9.383.1.2.32
Object
scalar
SNMPv2-TCTruthValue
Indicates whether the traffic from the attacker that triggered the alert would have been denied as a result of the alert if the intrusion prevention system was operating in inline mode. However, this action was not actually taken because the intrusion prevention system was operating in promiscuous mode. This element may be omitted if and only if its value is false.
Context
- MIB
- CISCO-CIDS-MIB
- OID
.1.3.6.1.4.1.9.9.383.1.2.32- Type
- scalar
- Access
- notifyonly
- Status
- current
- Parent
- cidsAlert
- Siblings
- 48
Values & Constraints
Type Values
1 | true |
2 | false |
Related Objects
Sibling Objects
| Object | Type | Syntax | OID |
|---|---|---|---|
| cidsAlertSeverity The severity associated with a Cids signature
(informational, low, medium or high for
example). | scalar | SNMP-FRAMEWORK-MIBSnmpAdminString | .1.3.6.1.4.1.9.9.383.1.2.1 |
| cidsAlertSummaryFinal The optional 'final' attribute indicates whether
this is the last evAlert containing the same value
in the 'initialAlert' attribute. The 'final'
attribute may be omitted if and… | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.10 |
| cidsAlertSummaryInitialAlert Serial number for the initial alert, which is
guaranteed unique within the scope of the
originating host. | scalar | CISCO-TCUnsigned64 | .1.3.6.1.4.1.9.9.383.1.2.11 |
| cidsAlertInterfaceGroup deprecated This object indicates an optional numeric identifier for a
sniffing
interface group on this host. | scalar | Integer32 | .1.3.6.1.4.1.9.9.383.1.2.12 |
| cidsAlertVlan An optional numeric identifier for a vlan. Identifies
the vlan that uses the number in ISL or 802.3.1q
headers. | scalar | Unsigned32 | .1.3.6.1.4.1.9.9.383.1.2.13 |
| cidsAlertVictimContext Optional Base64-encoded representation of the stream
data that was sourced by the victim. | scalar | SNMP-FRAMEWORK-MIBSnmpAdminString | .1.3.6.1.4.1.9.9.383.1.2.14 |
| cidsAlertAttackerContext Optional Base64-encoded representation of the stream
data that was sourced by the Attacker. | scalar | SNMP-FRAMEWORK-MIBSnmpAdminString | .1.3.6.1.4.1.9.9.383.1.2.15 |
| cidsAlertAttackerAddress Optional IP address and ports on a monitored
interface. The 'locality' attribute is a string
that indicates the relative location of the IP
address within the network mapping, … | scalar | SNMP-FRAMEWORK-MIBSnmpAdminString | .1.3.6.1.4.1.9.9.383.1.2.16 |
| cidsAlertVictimAddress Optional IP address and ports on a monitored
interface. The 'locality' attribute is a string
that indicates the relative location of the IP
address within the network mapping, … | scalar | SNMP-FRAMEWORK-MIBSnmpAdminString | .1.3.6.1.4.1.9.9.383.1.2.17 |
| cidsAlertIpLoggingActivated Indicates whether IP logging has been activated as
the result of the alert. A separate evIpLogStatus
event will be generated when logging has been
completed. The evIpLogStatus… | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.18 |
| cidsAlertTcpResetSent Indicates whether a attempt was made to reset a tcp
connection as the result of the alert. The addresses
and ports affected must be implied from the
information contained in th… | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.19 |
| cidsAlertAlarmTraits The alarm traits is an unsigned 16-bit integer
representing the value of the 16 user-defined
alarm traits specified in the configuration for
the signature that triggered the ale… | scalar | SNMPv2-SMIUnsigned32 | .1.3.6.1.4.1.9.9.383.1.2.2 |
| cidsAlertShunRequested Indicates whether an IP address or tcp connection
has been requested to be shunned as a result of the
alert. Details about the addresses and ports
involved in the shun can be o… | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.20 |
| cidsAlertDetails Textual details about the specific alert instance,
not just the signature. | scalar | SNMP-FRAMEWORK-MIBSnmpAdminString | .1.3.6.1.4.1.9.9.383.1.2.21 |
| cidsAlertIpLogId IP log identifiers for IP logs that were added as
the result of this alert. | scalar | SNMP-FRAMEWORK-MIBSnmpAdminString | .1.3.6.1.4.1.9.9.383.1.2.22 |
| cidsThreatResponseStatus A brief textual description of the status of
the alarm given by the Cisco Systems Threat
Response engine. | scalar | SNMP-FRAMEWORK-MIBSnmpAdminString | .1.3.6.1.4.1.9.9.383.1.2.23 |
| cidsThreatResponseSeverity The alarm severity as assigned by the Cisco Systems
Threat Response engine. | scalar | Integer32 | .1.3.6.1.4.1.9.9.383.1.2.24 |
| cidsAlertEventRiskRating A risk factor that incorporates several additional
pieces of information beyond the detection of a
potentially malicious action. The factors that
characterize this risk are the… | scalar | SNMPv2-SMIUnsigned32 | .1.3.6.1.4.1.9.9.383.1.2.25 |
| cidsAlertIfIndex The ifIndex on which the activity was detected. | scalar | IF-MIBInterfaceIndex | .1.3.6.1.4.1.9.9.383.1.2.26 |
| cidsAlertProtocol Identifies the IP protocol associated with the
alert. | scalar | CISCO-TCCiscoIpProtocol | .1.3.6.1.4.1.9.9.383.1.2.27 |
| cidsAlertDeniedAttacker Indicates that the traffic from originating from
the attacker is being blocked as a result of the
alert. This element may be omitted if and only if
its value is false. | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.28 |
| cidsAlertDeniedFlow Indicates that the traffic on the TCP connection
being blocked as a result of the alert. This
element may be omitted if and only if its value
is false. | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.29 |
| cidsAlertSignature Content is a string containing details about the
signature that fired, without any specifics tied
to this instance of the alert. The
cidsAlertSignatureSigName, cidsAlertSignat… | scalar | OctetString | .1.3.6.1.4.1.9.9.383.1.2.3 |
| cidsAlertDenyPacketReqNotPerf Indicates whether the packet that triggered the
alert would have been denied as a result of the
alert if the intrusion prevention system was
operating in inline mode. However, … | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.30 |
| cidsAlertDenyFlowReqNotPerf Indicates whether the flow that triggered the
alert would have been denied as a result of the
alert if the intrusion prevention system was
operating in inline mode. However, th… | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.31 |
| cidsAlertBlockConnectionReq Indicates that a TCP connection has been requested
to be blocked as a result of the alert. This element
may be omitted if and only if its value is false. | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.33 |
| cidsAlertLogAttackerPacketsAct Indicates that packets associated with the
attacker(s) identified by this alert are being
logged. This element may be omitted if and
only if its value is false. | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.34 |
| cidsAlertLogVictimPacketsAct Indicates that packets associated with the victim(s)
identified by this alert are being logged. This
element may be omitted if and only if its value is
false. | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.35 |
| cidsAlertLogPairPacketsActivated Indicates that packets associated with the
attacker/victim pair(s) identified by this alert
are being logged. This element may be omitted if
and only if its value is false. | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.36 |
| cidsAlertRateLimitRequested Indicates that traffic rate limiting based on the
source address and protocol associated with the alert
has been requested on external network devices. This
element may be omitt… | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.37 |
| cidsAlertDeniedAttackVictimPair Indicates that traffic from originating from the
attackers address and destined for the victims address
identified in the alert is being denied as a result of
the alert. This elem… | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.38 |
| cidsAlertDeniedAttackSericePair Indicates that traffic from originating from the
attackers address and destined for the destination
service port identified in the alert is being denied
as a result of the alert… | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.39 |
| cidsAlertSignatureSigName The name of the Intrusion detection signature
that triggered this event. | scalar | OctetString | .1.3.6.1.4.1.9.9.383.1.2.4 |
| cidsAlertDenyAttackVicReqNotPerf Indicates that traffic from originating from the
attackers address and destined for the victims address
identified in the alert would have been denied as a
result of the alert if… | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.40 |
| cidsAlertDenyAttackSerReqNotPerf Indicates that traffic from originating from the
attackers address and destined for the destination
service port identified in the alert would have been
denied as a result of th… | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.41 |
| cidsAlertThreatValueRating Value that represents the calculated threat
associated with the detected activity. The threat
value consists of the cidsAlertEventRiskRating
adjusted for the mitigation action … | scalar | SNMPv2-SMIUnsigned32 | .1.3.6.1.4.1.9.9.383.1.2.42 |
| cidsAlertRiskRatingTargetValue Represents the asset value associated with
a target identified in the alert. | scalar | CidsTargetValue | .1.3.6.1.4.1.9.9.383.1.2.43 |
| cidsAlertRiskRatingRelevance Value that represents an attack's relevance to
the destination target of this alert. | scalar | CidsAttackRelevance | .1.3.6.1.4.1.9.9.383.1.2.44 |
| cidsAlertRiskRatingWatchList Value that represents the amount that the risk
rating value was increased due to the source
of the activity associated with the alert being
on a watchlist. | scalar | SNMPv2-SMIUnsigned32 | .1.3.6.1.4.1.9.9.383.1.2.45 |
| cidsAlertDenyPacket This object indicates that the traffic originating from
the attacker is being blocked as a result of the
alert. This element may be omitted if and only if
its value is 'false'. | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.46 |
| cidsAlertBlockHost This object indicates that a host has been requested
to be blocked as a result of the alert. This element
may be omitted if and only if its value is 'false'. | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.47 |
| cidsAlertTcpOneWayResetSent This object indicates an attempt to reset one side of the
connection (the victim side). The victim address and ports
affected must be implied from the information contained in the… | scalar | SNMPv2-TCTruthValue | .1.3.6.1.4.1.9.9.383.1.2.48 |
| cidsAlertVirtualSensor This object represents the name of the virtual sensor
associated with an Intrusion Prevention System alert. From the
virtual sensor name one can correlate which signature set and… | scalar | OctetString | .1.3.6.1.4.1.9.9.383.1.2.49 |
| cidsAlertSignatureSigId The ID of the Intrusion detection signature
that triggered this event. The ID combines
with the cidsAlertSignatureSubSigId to
create a unique key that identifies the
signature … | scalar | SNMPv2-SMIUnsigned32 | .1.3.6.1.4.1.9.9.383.1.2.5 |
| cidsAlertSignatureSubSigId The optional Sub ID of the Intrusion detection
signature that triggered this event. The Sub
ID combines with the cidsAlertSignatureSigId
to create a unique key that identifies th… | scalar | SNMPv2-SMIUnsigned32 | .1.3.6.1.4.1.9.9.383.1.2.6 |
| cidsAlertSignatureVersion The optional version attribute defines the version
number of the signature update in which the triggering
signature was introduced or was last modified.
Example: 4.1(1.1)S47(0.1) | scalar | OctetString | .1.3.6.1.4.1.9.9.383.1.2.7 |
| cidsAlertSummary Optional, if present, specifies that this is a
summary alert, representing one or more alerts with
common characteristics. The numeric value indicates
the number of times the sig… | scalar | SNMPv2-SMIUnsigned32 | .1.3.6.1.4.1.9.9.383.1.2.8 |
| cidsAlertSummaryType Common characteristics shared by all non-summary
alerts included in a summary alert. | scalar | OctetString | .1.3.6.1.4.1.9.9.383.1.2.9 |