Enabling or disabling notification/traps for network security failures and other security events (CLI)
Syntax:
no snmp-server enable traps [arp-protect | auth-server-fail | dhcp-server
| dhcp-snooping | dhcpv6-snooping | dyn-ip-lockdown | dyn-ipv6-lockdown | link-change
| login-failure-mgr | mac-count-notify | mac-notify | macsec | nd-snooping | password-change-mgr
| port-security | running-config-change | snmp-authentication | startup-config-change | vsf ]Enables or disables sending one of the security notification types listed below to configured trap receivers. (Unless otherwise stated, all of the following notifications are enabled in the default configuration.)
The notification sends a trap:
|
Traps for Dynamic ARP Protection. |
|
Traps reporting authentication server unreachable. |
|
Traps for DHCP-Server. |
|
Traps for DHCP-Snooping. |
dhcpv6-snooping |
Set the traps for DHCPv6 snooping. |
|
Traps for Dynamic Ip Lockdown. |
|
Enable traps for Dynamic IPv6 Lockdown. |
|
Traps for link-up and link-down. |
|
Traps for management interface login failure. |
|
Traps for MAC addresses learned on the specified ports exceeds the threshold. |
|
Traps for (learned/removed) MAC address table changes. |
|
Configure the traps for MACsec notifications. |
|
Set the trap for nd snooping |
|
Traps for management interface password change. |
|
Traps for port access authentication failure. |
|
Traps for running config change. |
|
Select RFC-1157 (standard) or ICF-SNMP (extended) traps. |
|
Traps for changes to the startup configuration. |
|
Enable traps for the VSF functionality. |
To determine the specific cause of a security event, check the Event Log in the console interface to see why a trap was sent. For more information, see "Using the Event Log for Troubleshooting Switch Problems".