sigId
NETRANGER ·
.1.3.6.1.4.1.2252.1.1.1.4.9
Object
scalar
mandatory
Integer32
Describes which signature was detected. The full list
of signatures can be found on a NetRanger system at
/usr/nr/etc/signatures.
This object cannot be retrieved from the SNMP agent.
Syntax
Integer32
- Source
- COPS-PR-SPPIInteger32
- Base type
Integer32
Values & Constraints
Type Constraints
range: -2147483648..2147483647
Related Objects
Sibling Objects
| Object | Type | Syntax | OID |
|---|---|---|---|
| addressing | node | - | .1.3.6.1.4.1.2252.1.1.1.4.1 |
| subSigId mandatory Provides additional information about an alarm signature.
This object cannot be retrieved from the SNMP agent. | scalar | Integer32 | .1.3.6.1.4.1.2252.1.1.1.4.11 |
| protocol mandatory Describes the protocol of the attack that was detected.
Usually, this will be TCP/IP.
This object cannot be retrieved from the SNMP agent. | scalar | RFC1213-MIBDisplayString | .1.3.6.1.4.1.2252.1.1.1.4.13 |
| alarmMessage mandatory ASCII string that provides additional information about
an alarm. For instance, this field gives the exact string
that was matched during a string match alarm.
This ob… | scalar | RFC1213-MIBDisplayString | .1.3.6.1.4.1.2252.1.1.1.4.15 |
| srcDirection mandatory Describes whether the source of the alarm is inside or
outside the protected network. IN means inside, and OUT
means outside.
This object cannot be retrieved from the… | scalar | RFC1213-MIBDisplayString | .1.3.6.1.4.1.2252.1.1.1.4.3 |
| dstDirection mandatory Describes whether the destination of the alarm (the
machine being attacked) is inside or outside the
protected network. IN means inside, and OUT means
outside.
This o… | scalar | RFC1213-MIBDisplayString | .1.3.6.1.4.1.2252.1.1.1.4.5 |
| eventLevel mandatory An integer that reflects the severity level of the alarm.
The number can range from 1 to 255, but the current
NetRanger system only uses 1 (least severe) to 5
(most severe).
… | scalar | Integer32 | .1.3.6.1.4.1.2252.1.1.1.4.7 |