Symantec Privileged Access Management

  • Private Community
 View Only

 SNMP Trap Log Specification

Jump to Best Answer
MARUBUN SUPPORT's profile image
MARUBUN SUPPORT posted Jul 28, 2022 12:27 AM
Hi There,

version
4.0.2.203

Please provide the specifications for the SNMP trap log.
In the SNMP trap, if I receive the following CAPAM message

message1;
Snmptrap(regrexp:@SnmpTrap_CAPAM): PROBLEM DETAIL:(2022/06/14 01:32:03 .1.3.6.1.4.1.10449.0.301 Normal General event 192.168.96.171 -
An administrator has enabled the Xsuite logwatch. gkAppLogwatchStatus Xsuite Logwatch process started. 07 E6 06 0D 10 20 03 00 1830 3)

message2;
Snmptrap(regrexp:@SnmpTrap_CAPAM): PROBLEM DETAIL:(2022/06/13 18:43:35 .1.3.6.1.4.1.10449.0.111 Normal General event 192.168.97.171 -
Credentials Management server is deactivated.ID: cspm1 Address: 192.168.67.96 The PAM's Credentials Management database has been deactivated.
07 E6 06 0D 09 2B 23 00 1827 2 Credentials Management server is deactivated. gkSysCredMgmtStatus Xsuite)

(1) Please tell me the meaning of the code [.1.3.6.1.4.1.] in the message.

(2) In the message, there are [301] , [111].
 From the help site [MIB (Management Information Base) for using SNMP], we recognize the following
 I am aware of the following

 -Notification type : gkAppLogwatchStatus Logwatch
 -Description : Process started
 -OID : 301

 Under what conditions do traps with this code occur?
 
 Also, there was no description of the [111] code, but please let us know as well.
Ralf Prigl's profile image
Broadcom Employee Ralf Prigl posted Jul 28, 2022 01:21 AM Best Answer
Hello, Are you saying that you received the 111 message from PAM 4.0.2? That should not be the case. This is an obsolete message that was used in older releases. For OID specifications, see e.g. Wikipedia's Object Identifier page.
Ralf Prigl's profile image
Broadcom Employee Ralf Prigl posted Jul 28, 2022 01:25 AM
I forgot to mention that the "Logwatch Process Started" message should be observed when the PAM server reboots.