AnsweredAssumed Answered

How to track IPS (Threat Prevention) by SNMP trap

Question asked by Louis Poulin on Apr 26, 2018
Latest reply on Apr 27, 2018 by Dameon Welch Abernathy

Running R80.10, how do you "track" IPS rules hit by SNMP trap to get useful (or custom) information?

 

For example, I would like the following information in the trap when the IPS prevent or detect something :

Severity

Confidence Level

Attack Name

Attack Information

Performance Impact

Protection Name

Protection Type

Action

 

But by default, there is no real valuable information in the trap in my own humble opinion.

Outcomes