Re: SNMP snmpTrapOID = SNMPv2-MIB:authenticationFailure

Mr. Letts,

Thank you for the response...good to know on the actual OID that is being used.  So are we saying then that this particular OID does not collect the offending device address that initially provoked the Trap?  I am not positive I am following you on the varbind portion.

If not, then I still am scratching my head looking at what I would expect to see within the "Details" of what ORION provides me with - I would think there would be the entire raw data dump of the trap....and somewhere within there I would be able to glean the very useful information of who the offending device address was in order to trip this trap to send. - maybe that is where the varbind portion of your post comes in?

Are you seeing Authentication Traps coming into your system with information reflecting an "Offending Device Address" for Windows Server 2008 R2?  If so, I am wondering how I can get those.  I have setup this pretty much straight out of the box and not manipulating anything...there are no proxies involved.

Monitored Device is configured to simply send Authentication Traps to x.x.x.x which is the ORION Application server.  When adding such device into ORION it simply walks the monitored device with the SNMP Community string I provide and it is either successful or not.  Once added....traps are coming in (as configured within the SNMP Service Properties on the Windows Server)...so I tested to purposefully create an Authentication Trap against the Windows Server 2008, 2003, etc and these are my results.

So maybe I need to do something else to customize the processing of the Trap so I am parsing information or pulling out pieces that I am not seeing?  If so, still wondering why I am not seeing what the server originally sent me...actually raises more questions for me.  This seems like it should be pretty straight forward as it has been for me in the past.  It is only a check box within Windows to either send authentication traps or not....the MIB and OID's should all be straight forward and act accordingly without customization I would think?

NetEng33