Hi Joe,
Thanks for that. MY AlertMap now looks like this:
# eventCRENotification localHostAddress
1.3.6.1.4.1.20212.1.6.1 0xfff00fc3 1.3.6.1.4.1.20212.2.1(1,0)\
# timeString
1.3.6.1.4.1.20212.2.2(2,0)\
# ruleName
1.3.6.1.4.1.20212.2.34(3,0)\
# ruleDescription
1.3.6.1.4.1.20212.2.35(4,0)\
# attackerIP
1.3.6.1.4.1.20212.2.12(5,0)\
# attackerPort
1.3.6.1.4.1.20212.2.46(6,0)\
# attackersUserName
1.3.6.1.4.1.20212.2.13(7,0)\
# attackerNetworks
1.3.6.1.4.1.20212.2.17(9,0)\
# targetIP
1.3.6.1.4.1.20212.2.18(8,0)\
# targetPort
1.3.6.1.4.1.20212.2.47(10,0)\
# targetsUserName
1.3.6.1.4.1.20212.2.19(11,0)\
# targetNetworks
1.3.6.1.4.1.20212.2.23(12,0)\
# protocol
1.3.6.1.4.1.20212.2.45(13,0)\
# qid
1.3.6.1.4.1.20212.2.38(14,0)\
# eventName
1.3.6.1.4.1.20212.2.39(15,0)\
# eventDescription
1.3.6.1.4.1.20212.2.40(16,0)\
# category
1.3.6.1.4.1.20212.2.28(17,0)
But it's still not working. Enable_SouthboundGateway 0x116296e is "Yes".
Any further suggestion?
Regards,
Rick