How to Translate Event Log Messages to SNMP OIDs (318464)


The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
This article was previously published under Q318464

SUMMARY

If you are an administrator, you can use the Evntcmd and the Eventwin utilities to create Simple Network Management Protocol (SNMP) traps after a process writes an event to the Windows event log. The object identification (OID) values that are generated are derived from an ASCII representation of the event source. This article describes how to translate OIDs in DNS events and ATAPI events.

MORE INFORMATION

The first part of the OID is the following Microsoft Base Enterprise OID:

1.3.6.1.4.1.311.1.13.1

NOTE: If the first part of the OID is not 1.3.6.1.4.1.311.1.13.1, refer the following Microsoft Knowledge Base article:

296672 SNMP Manager Does Not Receive Traps Correctly

The last part of the OID is an ASCII representation of the event source, which is preceded by the number of characters in the event source. For example, DNS events have an OID of 1.3.6.1.4.1.311.1.13.1.3.68.78.83 This OID is comprised of three parts: 

1.3.6.1.4.1.311.1.13.1                       Base Enterprise OID
                       3                     Number of Characters in "DNS"
                         68.78.83            ASCII of DNS<BR/>

ATAPI events have an OID of 1.3.6.1.4.1.311.1.13.1.5.97.116.97.112.105. This OID is comprised of three parts: 

1.3.6.1.4.1.311.1.13.1                       Base Enterprise OID
                       5                     Number of Characters in "DNS"  
                         97.116.97.112.105   ASCII of ATAPI

Modification Type:MinorLast Reviewed:1/27/2006
Keywords:kbHotfixServer kbQFE kberrmsg kbinfo KB318464
©2004 Microsoft Corporation. All rights reserved.