What are you getting for an event stream? Are you getting 0x04b60007 and 0x04b60006 events?
# bsnAPAssociated # bsnAPMacAddrTrapVariable
1.3.6.1.4.1.14179.2.6.3.6.7 0x04b60006 1.3.6.1.4.1.14179.2.6.2.20(1,0)\
# bsnAPPortNumberTrapVariable
1.3.6.1.4.1.14179.2.6.2.32(2,0)\
# bsnAPName
1.3.6.1.4.1.14179.2.2.1.1.3(3,0)
# bsnAPDisassociated # bsnAPMacAddrTrapVariable
1.3.6.1.4.1.14179.2.6.3.6.8 0x04b60007 1.3.6.1.4.1.14179.2.6.2.20(1,0)\
# bsnAPName
1.3.6.1.4.1.14179.2.2.1.1.3(2,0)
The event rule is triggering off of value 1 (the MAC):
# bsnAPDisassociated
0x4b60007 E 50 A 1,0x04b60007,U,1 R CA.EventCounter, "0x4b60006 -:-", 10, "0x6760002 -:-", "0x6760003 -:-"
0x04b60006 E 50 C 0x04b60007, 1
If you're still seeing the 0x04b60007 and 0x00210e0c then you'll need to copy the SS/CsVendor/AlertMap and EventDisp to /custom/Events/Cisco_Router. Update the AlertMap to match the bsnAPName of 0x4b60007.
# ciscoLwappApAssociated cLApLastRebootReason
1.3.6.1.4.1.9.9.513.0.4 0x00210e0c 1.3.6.1.4.1.9.9.513.1.1.1.1.16(1,0)\
#cLApName
1.3.6.1.4.1.9.9.513.1.1.1.1.5(2,3)\
# cLApDataEncryptionStatus
1.3.6.1.4.1.9.9.513.1.1.1.1.36(4,0)
You'll need to add 0x4b60007 to use the varbind 2 as a discriminator and generate the alarm:
0x4b60007 E 50 A 1,0x04b60007,U,2
0x210e0c generates a minor alarm, so if you don't want the minor alarm when the APAssociated happens, you'll probably want to change that to clear the 0x4b60007:
0x00210e0c E 20 C 0x4b60007,2
In Event configuration editor, edit 0x00210e0c so it has this in the event variables:
cLApLastRebootReason = {T cLApLastRebootReason 1}
cLApName = {S 2}
cLApName.cLApSysMacAddress = {o 3}
cLApDataEncryptionStatus = {T cLApDataEncryptionStatus 4}
Be sure to press the Update Event Configuration on the VNM after.
I think that looks right. Someone please spot check me as I get another coffee
Cheers
Jay