CPUG
The Check Point User Group
A Resource For The Check Point Community. Fast. Useful. Independent.
We recently installed Eventia Analyser here at work and I'm now trying to get our Snort sensors and McAfee ePO server to send alerts to it. Snort seems to work, although all Eventia alerts show up as IDS alert with no info. I'll leave that for another day. The prob I'm having is when sending traps. ePO is set up to send all its antivirus alerts as an SNMP trap to Eventia. Eventia receives these and I see them in its logs but nothing seems parsed into the correct fields. Also nothing ever shows up as an event in Eventia. Does anybody know if I have to import ePO MIBs into Eventia? Below is an example of a log entry in Eventia after getting the trap.

Number: 412592
Date: 20Apr2006
Time: 11:02:24
Product: Snmp Trap
Origin: hcmepop01.xxx.xxx.xxx.xxxxx..com (207.130.xxx.xxx)
Type: Log
Action:
Community: public
Description: Enterprise Specific
Information:
Version: SNMP v1
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.9.185: 'test Sending Alerts to Eventia'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.11.185: 'Directory'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.12.185: 'Directory'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.18.185: 'Any'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.19.185: 'Any'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.33.185: '(Any)'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.15.185: '4/20/06 11:02:24 AM'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.31.185: '1095'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.32.185: 'Not Available'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.16.185: '1'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.17.185: '1'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.13.185: 'VirusScan'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.14.185: 'Access Protection rule violation detected and NOT blocked'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.22.185: 'Prevent Internet Explorer from launching anything from the Temp folder'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.23.185: '_'
oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.24.185: '207 ...
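As an added illustration (not from the post, and not Check Point's or McAfee's code), the following Python shows what a collector has to do with such an entry to get fields instead of one opaque string: every varbind in the log shares the same table prefix and differs only in its last two sub-identifiers, which this code treats as column and row (an assumption about the ePO MIB layout; the sample entry is constructed from the post's excerpt). Without a MIB or parsing definition that names those columns, the SIEM has nothing to map the values onto, which is consistent with the behaviour the post describes.

```python
import re

# Constructed sample modelled on the Eventia log entry quoted in the post
# (a subset of the varbinds; the truncated final one is left out).
SAMPLE = (
    "Version: SNMP v1 "
    "oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.9.185: 'test Sending Alerts to Eventia' "
    "oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.15.185: '4/20/06 11:02:24 AM' "
    "oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.13.185: 'VirusScan' "
    "oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.14.185: "
    "'Access Protection rule violation detected and NOT blocked' "
    "oid:1.3.6.1.4.1.3401.12.2.1.1.4.1.1.22.185: "
    "'Prevent Internet Explorer from launching anything from the Temp folder' "
)

# Prefix shared by every varbind in the post. Treating the two remaining
# sub-identifiers as <column>.<row> is an assumption about the ePO MIB layout.
TABLE_OID = "1.3.6.1.4.1.3401.12.2.1.1.4.1.1"

# Eventia prints each varbind as:  oid:<dotted oid>: '<value>'
VARBIND_RE = re.compile(r"oid:([\d.]+): '([^']*)'")

def parse_varbinds(entry):
    """Return the (oid, value) pairs of a trap log entry, in order."""
    return VARBIND_RE.findall(entry)

def split_table_oid(oid, table=TABLE_OID):
    """Return (column, row) for an OID under the table prefix, else None."""
    if not oid.startswith(table + "."):
        return None
    rest = oid[len(table) + 1:].split(".")
    if len(rest) != 2 or not all(p.isdigit() for p in rest):
        return None
    return int(rest[0]), int(rest[1])

def trap_to_record(entry):
    """Collapse one trap's varbinds into (row, {column: value}); every varbind
    of a table-row trap must carry the same row index, else refuse."""
    record, rows = {}, set()
    for oid, value in parse_varbinds(entry):
        col_row = split_table_oid(oid)
        if col_row is None:
            continue  # varbind from another subtree: leave it unmapped
        column, row = col_row
        rows.add(row)
        record[column] = value
    if len(rows) != 1:
        raise ValueError("varbinds span %d table rows" % len(rows))
    return rows.pop(), record
```

The resulting dictionary is keyed by column number only; turning 13 into "product" or 14 into "event description" is exactly the step that needs the vendor MIB or an equivalent parsing rule on the collector.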