Forum Discussion
cjunior
Jun 18, 2015Nacreous
Hi,
if I'm not wrong, those OIDs are obsolete in LTM v.11.6. I've made an example of how you could do in case of having no standard way. I've done with two different OIDs, in order to differentiate the access type. Add the following in /config/user_alert.conf with appropriate values:alert BIGIP_CUSTOM_GUI_LOGIN_FAILED "httpd\(pam_audit\): User=(.*) tty=(.*) host=(.*) failed to login after (.*) attempts" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.300";
email toaddress="toaddress@mydomain.com"
fromaddress="fromaddress@mydomain.com"
body="This is a custom alert OID .1.3.6.1.4.1.3375.2.4.0.300"
}
alert BIGIP_CUSTOM_SSH_LOGIN_FAILED "sshd\(pam_audit\): User=(.*) tty=(.*) host=(.*) failed to login after (.*) attempts" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.301";
email toaddress="toaddress@mydomain.com"
fromaddress="fromaddress@mydomain.com"
body="This is a custom alert OID .1.3.6.1.4.1.3375.2.4.0.301"
}
if your outbound smtp setup was successful, it should work.
Regards.