#!/usr/bin/perl
# Author: Martin Fuerstenau, Canon Production Printing Germany
# martin.fuerstenau_at_cpp.canon
#
# Date: 7 Feb 2021
#
# Purpose and features of the program:
#
# -Generating OID for processing SNMP traps from Windows systems with snmptt and Nagios, Naemon, Icinga.....
#
# Structure of a Microsoft eventlog SNMP trap:
#
# .1.3.6.1.4.1.311.1.13.1.37.82.101.109.111.116.101.83.101.114.118.105.99.101.115.83.99.104.101.100.117.108.101.114.67.108.101.97.110.117.112.83.101.114.118.105.99.101.0.50100
# I I I I I I I I I I I I I I
# I I I I I I I I I I I +------------------------------------------------------------------+----------------------------------------------------------------------+ I
# I I I I I I I I I I I I I
# I I I I I I I I I I I source name in ASCII characters I I
# I I I I I I I I I I I I
# I I I I I I I I I I I eventID <-------+
# I I I I I I I I I I +--> Number of characters in source name
# I I I I I I I I I I
# I I I I I I I I I +--> evntagent
# I I I I I I I I I
# I I I I I I I I +--> evntlog
# I I I I I I I I
# I I I I I I I +--> software
# I I I I I I I
# I I I I I I +--> microsoft
# I I I I I I
# I I I I I +--> enterprises
# I I I I I
# I I I I +--> private
# I I I I
# I I I +-> internet
# I I I
# I I +--> dod
# I I
# I +--> org
# I
# +--> iso
#--- Start presets and declarations -------------------------------------
use strict;
use Getopt::Long;
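my $ProgName = "gen_oid_win_event";         # Name of program, used in usage/help text
my $BaseOID  = ".1.3.6.1.4.1.311.1.13.1";   # Base OID according to description above.
my $eventID;                                # The event ID from the trap (--eventID)
my $eventSource;                            # Event source from MS event system (--eventsrc)
my $help;                                   # Set when -h / --help was given
#--- End presets --------------------------------------------------------

# Called without any argument: show the short usage text and stop.
if ( @ARGV == 0 )
{
    print_usage();
    exit 1;
}

Getopt::Long::Configure('bundling');

# GetOptions returns false when it found an unknown or malformed option.
# Stop in that case instead of building an OID from a half-parsed command line.
my $optionsOk = GetOptions(
    "h"          => \$help, "help" => \$help,
    "eventID=i"  => \$eventID,
    "eventsrc=s" => \$eventSource);

if (!$optionsOk)
{
    print_usage();
    exit 1;
}

if ($help)
{
    print_help();
    exit 0;
}

if (!defined $eventID)
{
    print "\nEvent ID missing.\n\n";
    exit 2;
}

if (!defined $eventSource)
{
    print "\nEvent source missing.\n\n";
    exit 2;
}

# The "=i" option type also accepts a leading minus sign, but an OID
# sub-identifier is an unsigned 32-bit number. Reject anything outside that
# range. New diagnostics go to STDERR so that a caller capturing stdout can
# never mistake them for an OID.
if ( $eventID < 0 || $eventID > 4294967295 )
{
    print STDERR "\nEvent ID must be between 0 and 4294967295.\n\n";
    exit 2;
}

# The header above documents the source name as ASCII characters. Arguments
# are used here exactly as received, one sub-identifier per element, so a
# non-ASCII source may produce an OID that does not match what the Windows
# agent sends (assumption - verify against a real trap). Warn, but still
# print the OID as before.
if ( $eventSource =~ /[^\x00-\x7F]/ )
{
    print STDERR "Warning: event source contains non-ASCII characters; "
               . "the generated OID may not match the trap.\n";
}

# OID layout: <base>.<length of source>.<code of each character>.0.<event ID>
my @sourceChars = split //, $eventSource;
my $eventOID    = join '.', $BaseOID, scalar(@sourceChars),
                            ( map { ord } @sourceChars ), 0, $eventID;

print "$eventOID\n";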
#--- Begin subroutines --------------------------------------------------
sub print_usage
{
    # Short synopsis: the two mandatory options, or -h for the full help text.
    my @usageParts = (
        "\nUsage: \n\n$ProgName ",
        "--eventID=<event ID> ",
        "--eventsrc=<event source>\n\n",
        " or\n\n",
        "$ProgName -h\n\n",
    );

    print join( '', @usageParts );
}
sub print_help
{
    # Full help: copyright line, synopsis, then one entry per option.
    my @helpLines = (
        "\n",
        "Copyright (c) 2021 Martin Fuerstenau\n",
        "\nUsage: \n\n$ProgName ",
        "--eventID=<event ID> ",
        "--eventsrc=<event source>\n\n",
        "--eventID=<event ID> The event ID used by MS Windows submitted\n",
        " as last OID otf the trap.\n",
        "--eventsrc=<string> The event source from Windows system which\n",
        " has to be converted to OID.\n",
    );

    print join( '', @helpLines );
}