pcubeWorkgroup (1.3.6.1.4.1.5655.4)
moduleAttackFilterDeactivatedTrap (1.3.6.1.4.1.5655.4.0.26)
The attack filter module has removed a filter that was previously activated.
•
•
Following are several examples of pcubeSeEventGenericString1 for various scenarios:
•
•
moduleEmAgentGenericTrap (1.3.6.1.4.1.5655.4.0.27)
A generic trap used by the Cisco management agent.
•
•
linkModeSniffingTrap (1.3.6.1.4.1.5655.4.0.28)
The agent entity has detected that the linkOperMode object in this MIB has changed to sniffing (5).
moduleRedundancyReadyTrap (1.3.6.1.4.1.5655.4.0.29)
The module was able to connect and synch with a redundant entity, and is now ready to handle fail-over
if needed.
moduleRedundantConfigurationMismatchTrap (1.3.6.1.4.1.5655.4.0.30)
The module was not able to synch with a redundant entity, due to an incompatibility in essential
configuration parameters between the module and the redundant entity.
moduleLostRedundancyTrap (1.3.6.1.4.1.5655.4.0.31)
The module has lost the ability to perform the fail-over procedure.
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
B-22
Attack filter type — in pcubeSeEventGenericString1 (refer to corresponding
moduleAttackFilterActivatedTrap)
Reason for deactivating the filter — in pcubeSeEventGenericString2
Attack end detected automatically (the number of open flows or ddos-suspected flows drops
below the minimum value configured for the attack detector):
End-of-attack detected — Attack on IP address 10.1.4.135, from subscriber side, protocol UDP.
Action is: Report. Duration 20 seconds, attack comprised of 11736 flows.
End-of-attack detected — Attack from IP address 10.1.4.134, from subscriber side, protocol ICMP.
Action is: Block. Duration 10 seconds, attack comprised of 2093 flows.
Attack end forced by a 'dont-filter', or a previous 'force-filter' command is removed:
Attack filter — Forced to end block of flows from IP address 10.1.1.1, from subscriber side, protocol
TCP. Attack end forced using a 'no force-filter' or a 'dont-filter' command. Duration 6 seconds, 1
flows blocked.
Attack filter — Forced to end report to IP address 10.1.1.1, from network side, protocol Other.
Attack end forced using a 'no force-filter' or a 'dont-filter' command. Duration 13 seconds, attack
comprised of 1 flows.
Trap name — in pcubeSeEventGenericString1 (refer to corresponding
moduleAttackFilterActivatedTrap)
Relevant parameter — in pcubeSeEventGenericString2
Appendix B
Proprietary MIB Reference
OL-7827-12