Reporting: SNMP Trap for File-Scanning Oversize Files
I would like an SNMP trap and/or email sent when a user requests a file that is scanned by the anti-virus system, but is larger than the threshold.
This way I can gauge the size of the files that are being downloaded and also know if my threshold is too low.
My BlueCoat Proxy AV will send an email and SNMP trap such as:
Cause: Maximum file size exceeded (engine error code: 0x00000000)
File has been passed through unscanned.
Hardware serial number: xxxxxxxxxx
ProxyAV (Version 220.127.116.11(36678)) - http://www.BlueCoat.com/
Machine name: ProxyAV
Machine IP address: xx.xx.xx.xx
URL: [url removed]