Moduleattackfilterdeactivatedtrap (1.3.6.1.4.1.5655.4.0.26); Moduleemagentgenerictrap (1.3.6.1.4.1.5655.4.0.27); Linkmodesniffingtrap (1.3.6.1.4.1.5655.4.0.28); Moduleredundancyreadytrap (1.3.6.1.4.1.5655.4.0.29) - Cisco SCE2020-4XGBE-SM Configuration Manual

pcubeWorkgroup (1.3.6.1.4.1.5655.4)

moduleAttackFilterDeactivatedTrap (1.3.6.1.4.1.5655.4.0.26)

The attack filter module has removed a filter that was previously activated.
•
•
Following are several examples of pcubeSeEventGenericString1 for various scenarios:
•
•

moduleEmAgentGenericTrap (1.3.6.1.4.1.5655.4.0.27)

A generic trap used by the Cisco management agent.
•
•

linkModeSniffingTrap (1.3.6.1.4.1.5655.4.0.28)

The agent entity has detected that the linkOperMode object in this MIB has changed to sniffing (5).

moduleRedundancyReadyTrap (1.3.6.1.4.1.5655.4.0.29)

The module was able to connect and synch with a redundant entity, and is now ready to handle fail-over
if needed.

moduleRedundantConfigurationMismatchTrap (1.3.6.1.4.1.5655.4.0.30)

The module was not able to synch with a redundant entity, due to an incompatibility in essential
configuration parameters between the module and the redundant entity.

moduleLostRedundancyTrap (1.3.6.1.4.1.5655.4.0.31)

The module has lost the ability to perform the fail-over procedure.
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
B-22
Attack filter type — in pcubeSeEventGenericString1 (refer to corresponding
moduleAttackFilterActivatedTrap)
Reason for deactivating the filter — in pcubeSeEventGenericString2
Attack end detected automatically (the number of open flows or ddos-suspected flows drops
below the minimum value configured for the attack detector):
End-of-attack detected — Attack on IP address 10.1.4.135, from subscriber side, protocol UDP.
Action is: Report. Duration 20 seconds, attack comprised of 11736 flows.
End-of-attack detected — Attack from IP address 10.1.4.134, from subscriber side, protocol ICMP.
Action is: Block. Duration 10 seconds, attack comprised of 2093 flows.
Attack end forced by a 'dont-filter', or a previous 'force-filter' command is removed:
Attack filter — Forced to end block of flows from IP address 10.1.1.1, from subscriber side, protocol
TCP. Attack end forced using a 'no force-filter' or a 'dont-filter' command. Duration 6 seconds, 1
flows blocked.
Attack filter — Forced to end report to IP address 10.1.1.1, from network side, protocol Other.
Attack end forced using a 'no force-filter' or a 'dont-filter' command. Duration 13 seconds, attack
comprised of 1 flows.
Trap name — in pcubeSeEventGenericString1 (refer to corresponding
moduleAttackFilterActivatedTrap)
Relevant parameter — in pcubeSeEventGenericString2
Appendix B Proprietary MIB Reference
OL-7827-12