Optional Base64-encoded representation of the stream
data that was sourced by the Attacker.
Parsed from file CISCO-CIDS-MIB.mib
Module: CISCO-CIDS-MIB
Optional Base64-encoded representation of the stream
data that was sourced by the Attacker.
Optional Base64-encoded representation of the stream
data that was sourced by the Attacker.
Parsed from file CISCO-CIDS-MIB.my.txt
Company: None
Module: CISCO-CIDS-MIB
Optional Base64-encoded representation of the stream
data that was sourced by the Attacker.
cidsAlertAttackerContext OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Optional Base64-encoded representation of the stream data that was sourced by the Attacker." ::= { cidsAlert 15 }
cidsAlertAttackerContext OBJECT-TYPE SYNTAX SnmpAdminString ACCESS not-accessible STATUS mandatory DESCRIPTION "Optional Base64-encoded representation of the stream data that was sourced by the Attacker." ::= { cidsAlert 15 }
Vendor: Cisco
Module: CISCO-CIDS-MIB
[Automatically extracted from oidview.com]
cidsAlertAttackerContext OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Optional Base64-encoded representation of the stream data that was sourced by the Attacker." ::= { cidsAlert 15 }
cidsAlertAttackerContext OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Optional Base64-encoded representation of the stream data that was sourced by the Attacker." ::= { cidsAlert 15 }
| OID | Name | Sub children | Sub Nodes Total | Description |
|---|---|---|---|---|
| 1.3.6.1.4.1.9.9.383.1.2.15.0 | cidsAlertAttackerContext | 0 | 0 | None |
| OID | Name | Sub children | Sub Nodes Total | Description |
|---|---|---|---|---|
| 1.3.6.1.4.1.9.9.383.1.2.1 | cidsAlertSeverity | 1 | 1 | The severity associated with a Cids signature (informational, low, medium or high for example). |
| 1.3.6.1.4.1.9.9.383.1.2.2 | cidsAlertAlarmTraits | 1 | 1 | The alarm traits is an unsigned 16-bit integer representing the value of the 16 user-defined alarm traits specified in the config… |
| 1.3.6.1.4.1.9.9.383.1.2.3 | cidsAlertSignature | 1 | 1 | Content is a string containing details about the signature that fired, without any specifics tied to this instance of the alert. … |
| 1.3.6.1.4.1.9.9.383.1.2.4 | cidsAlertSignatureSigName | 1 | 1 | The name of the Intrusion detection signature that triggered this event. |
| 1.3.6.1.4.1.9.9.383.1.2.5 | cidsAlertSignatureSigId | 1 | 1 | The ID of the Intrusion detection signature that triggered this event. The ID combines with the cidsAlertSignatureSubSigId to cre… |
| 1.3.6.1.4.1.9.9.383.1.2.6 | cidsAlertSignatureSubSigId | 1 | 1 | The optional Sub ID of the Intrusion detection signature that triggered this event. The Sub ID combines with the cidsAlertSignat… |
| 1.3.6.1.4.1.9.9.383.1.2.7 | cidsAlertSignatureVersion | 1 | 1 | The optional version attribute defines the version number of the signature update in which the triggering signature was introduce… |
| 1.3.6.1.4.1.9.9.383.1.2.8 | cidsAlertSummary | 1 | 1 | Optional, if present, specifies that this is a summary alert, representing one or more alerts with common characteristics. The nu… |
| 1.3.6.1.4.1.9.9.383.1.2.9 | cidsAlertSummaryType | 1 | 1 | Common characteristics shared by all non-summary alerts included in a summary alert. |
| 1.3.6.1.4.1.9.9.383.1.2.10 | cidsAlertSummaryFinal | 1 | 1 | The optional 'final' attribute indicates whether this is the last evAlert containing the same value in the 'initialAlert' attribu… |
| 1.3.6.1.4.1.9.9.383.1.2.11 | cidsAlertSummaryInitialAlert | 1 | 1 | Serial number for the initial alert, which is guaranteed unique within the scope of the originating host. |
| 1.3.6.1.4.1.9.9.383.1.2.12 | cidsAlertInterfaceGroup | 1 | 1 | Optional numeric identifier for a sniffing interface group on this host. |
| 1.3.6.1.4.1.9.9.383.1.2.13 | cidsAlertVlan | 1 | 1 | An optional numeric identifier for a vlan. Identifies the vlan that uses the number in ISL or 802.3.1q headers. |
| 1.3.6.1.4.1.9.9.383.1.2.14 | cidsAlertVictimContext | 1 | 1 | Optional Base64-encoded representation of the stream data that was sourced by the victim. |
| 1.3.6.1.4.1.9.9.383.1.2.16 | cidsAlertAttackerAddress | 1 | 1 | Optional ip address and ports on a monitored interface. The 'locality' attribute is a string that indicates the relative locatio… |
| 1.3.6.1.4.1.9.9.383.1.2.17 | cidsAlertVictimAddress | 1 | 1 | Optional ip address and ports on a monitored interface. The 'locality' attribute is a string that indicates the relative locatio… |
| 1.3.6.1.4.1.9.9.383.1.2.18 | cidsAlertIpLoggingActivated | 1 | 1 | Indicates whether IP logging has been activated as the result of the alert. A separate evIpLogStatus event will be generated whe… |
| 1.3.6.1.4.1.9.9.383.1.2.19 | cidsAlertTcpResetSent | 1 | 1 | Indicates whether a attempt was made to reset a tcp connection as the result of the alert. The addresses and ports affected must… |
| 1.3.6.1.4.1.9.9.383.1.2.20 | cidsAlertShunRequested | 1 | 1 | Indicates whether an IP address or tcp connection has been requested to be shunned as a result of the alert. Details about the a… |
| 1.3.6.1.4.1.9.9.383.1.2.21 | cidsAlertDetails | 1 | 1 | Textual details about the specific alert instance, not just the signature. |
| 1.3.6.1.4.1.9.9.383.1.2.22 | cidsAlertIpLogId | 1 | 1 | IP log identifiers for IP logs that were added as the result of this alert. |
| 1.3.6.1.4.1.9.9.383.1.2.23 | cidsThreatResponseStatus | 1 | 1 | A brief textual description of the status of the alarm given by the Cisco Systems Threat Response engine. |
| 1.3.6.1.4.1.9.9.383.1.2.24 | cidsThreatResponseSeverity | 1 | 1 | The alarm severity as assigned by the Cisco Systems Threat Response engine. |
| 1.3.6.1.4.1.9.9.383.1.2.25 | cidsAlertEventRiskRating | 1 | 1 | A risk factor that incorporates several additional pieces of information beyond the detection of a potentially malicious action. … |
| 1.3.6.1.4.1.9.9.383.1.2.26 | cidsAlertIfIndex | 0 | 0 | The ifIndex on which the activity was detected. |
| 1.3.6.1.4.1.9.9.383.1.2.27 | cidsAlertProtocol | 0 | 0 | Identifies the IP protocol associated with the alert. |
| 1.3.6.1.4.1.9.9.383.1.2.28 | cidsAlertDeniedAttacker | 0 | 0 | Indicates that the traffic from originating from the attacker is being blocked as a result of the alert. This element may be omit… |
| 1.3.6.1.4.1.9.9.383.1.2.29 | cidsAlertDeniedFlow | 0 | 0 | Indicates that the traffic on the TCP connection being blocked as a result of the alert. This element may be omitted if and only… |
| 1.3.6.1.4.1.9.9.383.1.2.30 | cidsAlertDenyPacketReqNotPerf | 0 | 0 | Indicates whether the packet that triggered the alert would have been denied as a result of the alert if the intrusion prevention… |
| 1.3.6.1.4.1.9.9.383.1.2.31 | cidsAlertDenyFlowReqNotPerf | 0 | 0 | Indicates whether the flow that triggered the alert would have been denied as a result of the alert if the intrusion prevention s… |
| 1.3.6.1.4.1.9.9.383.1.2.32 | cidsAlertDenyAttackerReqNotPerf | 0 | 0 | Indicates whether the traffic from the attacker that triggered the alert would have been denied as a result of the alert if the i… |
| 1.3.6.1.4.1.9.9.383.1.2.33 | cidsAlertBlockConnectionReq | 0 | 0 | Indicates that a TCP connection has been requested to be blocked as a result of the alert. This element may be omitted if and on… |
| 1.3.6.1.4.1.9.9.383.1.2.34 | cidsAlertLogAttackerPacketsAct | 0 | 0 | Indicates that packets associated with the attacker(s) identified by this alert are being logged. This element may be omitted if… |
| 1.3.6.1.4.1.9.9.383.1.2.35 | cidsAlertLogVictimPacketsAct | 0 | 0 | Indicates that packets associated with the victim(s) identified by this alert are being logged. This element may be omitted if an… |
| 1.3.6.1.4.1.9.9.383.1.2.36 | cidsAlertLogPairPacketsActivated | 0 | 0 | Indicates that packets associated with the attacker/victim pair(s) identified by this alert are being logged. This element may be… |
| 1.3.6.1.4.1.9.9.383.1.2.37 | cidsAlertRateLimitRequested | 0 | 0 | Indicates that traffic rate limiting based on the source address and protocol associated with the alert has been requested on ext… |
| 1.3.6.1.4.1.9.9.383.1.2.38 | cidsAlertDeniedAttackVictimPair | 0 | 0 | Indicates that traffic from originating from the attackers address and destined for the victims address identified in the alert i… |
| 1.3.6.1.4.1.9.9.383.1.2.39 | cidsAlertDeniedAttackSericePair | 0 | 0 | Indicates that traffic from originating from the attackers address and destined for the destination service port identified in th… |
| 1.3.6.1.4.1.9.9.383.1.2.40 | cidsAlertDenyAttackVicReqNotPerf | 0 | 0 | Indicates that traffic from originating from the attackers address and destined for the victims address identified in the alert w… |
| 1.3.6.1.4.1.9.9.383.1.2.41 | cidsAlertDenyAttackSerReqNotPerf | 0 | 0 | Indicates that traffic from originating from the attackers address and destined for the destination service port identified in th… |
| 1.3.6.1.4.1.9.9.383.1.2.42 | cidsAlertThreatValueRating | 0 | 0 | Value that represents the calculated threat associated with the detected activity. The threat value consists of the cidsAlertEve… |
| 1.3.6.1.4.1.9.9.383.1.2.43 | cidsAlertRiskRatingTargetValue | 0 | 0 | Represents the asset value associated with a target identified in the alert. |
| 1.3.6.1.4.1.9.9.383.1.2.44 | cidsAlertRiskRatingRelevance | 0 | 0 | Value that represents an attack's relevance to the destination target of this alert. |
| 1.3.6.1.4.1.9.9.383.1.2.45 | cidsAlertRiskRatingWatchList | 0 | 0 | Value that represents the amount that the risk rating value was increased due to the source of the activity associated with the a… |
| 1.3.6.1.4.1.9.9.383.1.2.46 | cidsAlertDenyPacket | 0 | 0 | This object indicates that the traffic originating from the attacker is being blocked as a result of the alert. This element may … |
| 1.3.6.1.4.1.9.9.383.1.2.47 | cidsAlertBlockHost | 0 | 0 | This object indicates that a host has been requested to be blocked as a result of the alert. This element may be omitted if and … |
| 1.3.6.1.4.1.9.9.383.1.2.48 | cidsAlertTcpOneWayResetSent | 0 | 0 | This object indicates an attempt to reset one side of the connection (the victim side). The victim address and ports affected mus… |
| 1.3.6.1.4.1.9.9.383.1.2.49 | cidsAlertVirtualSensor | 0 | 0 | This object represents the name of the virtual sensor associated with an Intrusion Prevention System alert. From the virtual sen… |