TSergey, 2014-10-01, impb

# Classification Rule
# IP-MAC-BIND-MIB::swIpMacBindingViolationTrap",
{
    "name": "DLink | DxS | Network | IMPB | Unauthenticated IP-MAC #2 (SNMP)",
    "description": "IP-MAC-BIND-MIB::swIpMacBindingViolationTrap",
    "event_class__name": "Network | IMPB | Unauthenticated IP-MAC",
    "preference": 1000,
    "patterns": [
        {
            "key_re": "^source$",
            "value_re": "^SNMP Trap$"
        },
        {
            "key_re": "^profile$",
            "value_re": "^DLink.DxS$"
        },
        {
            "key_re": "^SNMPv2-MIB::snmpTrapOID.0$",
            "value_re": "IpMacBindingViolationTrap"
        },
        {
            "key_re": "(IpMacBindingViolationIP|IpMacBindingIpIndex|.1.4.1.171.12.23.4.1.1.1)",
            "value_re": "^(?P<ip__bin_to_ip>.+)$"
        },
        {
            "key_re": "(IpMacBindingMac|IpMacBindingViolationMac)",
            "value_re": "^(?P<mac>.+)$"
        },
        {
            "key_re": "IpMacBindingPortIndex",
            "value_re": "^(?P<interface>.+)$"
        }
    ]
}