Seqrite’s Support for SNMP Trap


This article describes Seqrite’s support for Simple Network Management Protocol (SNMP) Trap for virus notifications.


What is SNMP Trap?


An SNMP Trap is an alert message with abstract information about an event, sent from an endpoint to its configured SNMP server. It notifies the administrator about an event that has occurred at the endpoint. On Windows, the ‘SNMP Trap’ service listens for traps on UDP port 162 by default.


At present, Seqrite covers the following events under virus notifications:

  1. Virus detected
  2. Virus active in memory
  3. Ransomware attack detected


SNMP Trap Notifications Management:

The Trap notifications can be viewed in the SNMP manager, which must be connected to an SNMP server into which the configuration file, seqrite.mib, has been imported.

You can find the seqrite.mib file at the end of this article.


SNMP Object Identifiers (OID) for Trap Notifications:


Let’s understand OID and MIB first.


  • OID (Object Identifier)
    An Object Identifier is a unique identification of an object in a Management Information Base (MIB). OIDs are based on a tree structure, and the notation is a dotted string of numbers. Example: 1.3.6.1.4.1.51801.1.1.1

  • MIB (Management Information Base)
    A Management Information Base (MIB) describes a database as a set of managed objects and is most often associated with the Simple Network Management Protocol (SNMP). The database is hierarchical (tree-structured), and each entry is addressed through an object identifier (OID). Each managed object in a MIB has a unique identifier. The identifier includes the object's type and access level.


OID for Seqrite 

  • OIDs for System information

    | Name           | OID                     | MIB         | Syntax       | Description   |
    |----------------|-------------------------|-------------|--------------|---------------|
    | siMacID        | 1.3.6.1.4.1.51801.1.1.1 | Seqrite.mib | OCTET STRING | MAC ID        |
    | siIPAddress    | 1.3.6.1.4.1.51801.1.1.2 | Seqrite.mib | OCTET STRING | IP Address    |
    | siComputerName | 1.3.6.1.4.1.51801.1.1.3 | Seqrite.mib | OCTET STRING | Computer Name |


  • OIDs for Virus notifications

    | Name          | OID                       | MIB         | Syntax       | Description |
    |---------------|---------------------------|-------------|--------------|-------------|
    | virusFilePath | 1.3.6.1.4.1.51801.1.2.1.1 | Seqrite.mib | OCTET STRING | File Path   |
    | virusName     | 1.3.6.1.4.1.51801.1.2.1.2 | Seqrite.mib | OCTET STRING | Virus Name  |
    | virusAction   | 1.3.6.1.4.1.51801.1.2.1.3 | Seqrite.mib | OCTET STRING | Action      |
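
A trap consumer receives these OIDs as BER-encoded bytes in the trap's variable bindings, not as dotted strings. The following added example (not Seqrite's code) decodes such bytes and labels each value with the object names listed above, ignoring bindings outside the 51801 subtree. The sample varbinds are constructed, and accepting a trailing ".0" instance suffix is an assumption, not something this article states.

```python
SEQRITE_ROOT = (1, 3, 6, 1, 4, 1, 51801)
SEQRITE_OIDS = {  # names and OIDs as listed in the tables on this page
    "1.3.6.1.4.1.51801.1.1.1": "siMacID",
    "1.3.6.1.4.1.51801.1.1.2": "siIPAddress",
    "1.3.6.1.4.1.51801.1.1.3": "siComputerName",
    "1.3.6.1.4.1.51801.1.2.1.1": "virusFilePath",
    "1.3.6.1.4.1.51801.1.2.1.2": "virusName",
    "1.3.6.1.4.1.51801.1.2.1.3": "virusAction",
}

def decode_oid(data: bytes) -> tuple:
    """Decode the content octets of a BER OBJECT IDENTIFIER into its arcs."""
    if not data or data[-1] & 0x80:
        raise ValueError("empty or truncated OID")
    arcs, value = [], 0
    for byte in data:
        value = (value << 7) | (byte & 0x7F)   # 7 payload bits per octet
        if byte & 0x80:                        # high bit set: more octets follow
            continue
        if not arcs:                           # first value packs two arcs: 40*X + Y
            arcs.append(min(value // 40, 2))
            value -= 40 * arcs[0]
        arcs.append(value)
        value = 0
    return tuple(arcs)

def resolve(arcs: tuple):
    """Return the Seqrite object name for an OID, or None if it is not listed."""
    if arcs[:len(SEQRITE_ROOT)] != SEQRITE_ROOT:
        return None                            # outside the 51801 enterprise subtree
    dotted = ".".join(map(str, arcs))
    if dotted not in SEQRITE_OIDS and arcs[-1] == 0:
        dotted = dotted[:-2]                   # assumption: tolerate a ".0" instance suffix
    return SEQRITE_OIDS.get(dotted)

def trap_to_alert(varbinds) -> dict:  # (oid_bytes, octet_string) pairs -> {name: text}
    alert = {}
    for oid_bytes, value in varbinds:
        name = resolve(decode_oid(oid_bytes))
        if name:                               # skip varbinds from other MIBs
            alert[name] = value.decode("utf-8", errors="replace")
    return alert

# Constructed sample varbinds (not captured from a real endpoint).
SAMPLE = [
    (bytes.fromhex("2b06010201010300"), b"12345"),                    # 1.3.6.1.2.1.1.3.0
    (bytes.fromhex("2b0601040183945901020102"), b"EICAR-Test-File"),  # virusName
    (bytes.fromhex("2b060104018394590102010100"), b"C:\\Temp\\eicar.com"),  # virusFilePath + .0
]
```

Calling trap_to_alert(SAMPLE) keeps the two Seqrite bindings and drops the first one, which belongs to a different subtree.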