These log messages refer to the SNMP category.
2.42.1. [ID: 478] SNMP access
- Log Categories
- SNMP
- Log Message
- SNMP access.
- Default Log Severity
- Notice
- Parameters
- srcip, destip
- Explanation
- A SNMP packet was received.
- Gateway Action
- None
- Action Description
- None
- Proposed Action
- None
2.42.2. [ID: 1506] SNMP authentication failure
- Log Categories
- SNMP
- Log Message
- SNMP authentication failure.
- Default Log Severity
- Warning
- SNMP Trap Category
- SNMP
- SNMP Trap MIB name
- authenticationFailure
- SNMP Trap MIB OID
- 1.3.6.1.6.3.1.1.5.5 (SNMPv2-MIB, RFC3418)
- Parameters
- srcip, destip
- Explanation
- The system has received a protocol message that is not properly authenticated. The packet was thus silently dropped.
- Gateway Action
- None
- Action Description
- None
- Proposed Action
- Check the configured authentication items. If the problem persist check for abnormal traffic.
2.42.3. [ID: 1505] Max restart counter
- Log Categories
- SNMP
- Log Message
- Max restart counter.
- Default Log Severity
- Alert
- Parameters
-
- Explanation
- The restart counter has reached the maximum allowed value. SNMPv3 traps and responses will not be sent until the RemoteMgmtSettings:SNMPv3EngineId advanced setting has been changed. This is required to prevent eavesdropping adversaries from decrypting SNMPv3 messages.
- Gateway Action
- None
- Action Description
- None
- Proposed Action
- Set a new Engine Id in RemoteMgmtSettings:SNMPv3EngineId advanced setting.
2.42.4. [ID: 1680] SNMP not in time window
- Log Categories
- SNMP
- Log Message
- SNMP not in time window.
- Default Log Severity
- Notice
- Parameters
- srcip, destip
- Explanation
- The SNMP3 client made a request outside the current time window (request contains values that have been deprecated, typically
a time value that is off by more than 150 seconds). The original request has been dropped, and a notification has been sent
to the client with the correct time window to use (as specified by RFC3414 this is done by returning the value of the usmStatsNotInTimeWindows
counter without encryption).
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- Normally nothing needs to be done. A valid SNMP3 client will automatically adjust its time window with the supplied information.
Make sure that the client is using the correct authentication credentials if it is continuing to use faulty values.
2.42.5. [ID: 763] SNMP unexpected version
- Log Categories
- SNMP
- Log Message
- SNMP unexpected version.
- Default Log Severity
- Warning
- Parameters
- srcip, destip
- Explanation
- A packet was received for a not supported SNMP version.
- Gateway Action
- Drop
- Action Description
- None
- Proposed Action
- Make sure your SNMP client is using a supported SNMP version.
2.42.6. [ID: 1681] SNMP unknown engine ID
- Log Categories
- SNMP
- Log Message
- SNMP unknown engine ID.
- Default Log Severity
- Warning
- Parameters
- srcip, destip
- Explanation
- The SNMP3 client made a request for, what appears to be, another system. It is impossible for the system to validate the authenticity
of an SNMP3 request using an unknown engine ID, and so (the system) replied with an error message. Normal SNMP clients will
close the connection with an error upon receiving this reply.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- None
cOS Stream 4.00.03 Log Reference Guide
