https://community.cisco.com/t5/network-security/ips-logs-to-syslog/m-p/2701850#M44963 <P>Sorry but the classic Cisco IPS such as you have only support export via Cisco's proprietary SDEE transport method.</P><P>IPS intrusion events on those platforms cannot be sent out by syslog. The reason I've heard why is because UDP is deemed unreliable and insecure for security management.</P> Wed, 06 May 2015 20:01:09 GMT Marvin Rhoads 2015-05-06T20:01:09Z https://community.cisco.com/t5/network-security/ips-logs-to-syslog/m-p/2701849#M44961 <P>We are using IPS Modules AIP SSM 20 in ASA 5520 and software based IPS in 5525-X.</P><P>We want to send their logs to an external syslog server. Is that possible ?</P><P>&nbsp;</P><P>Currently IME is managing all the alerts and notifications via emails.</P><P>But our requirement is to get IPS logs in external Syslog Server.</P> Sun, 10 Mar 2019 13:22:20 GMT https://community.cisco.com/t5/network-security/ips-logs-to-syslog/m-p/2701849#M44961 ummerishtiaq 2019-03-10T13:22:20Z https://community.cisco.com/t5/network-security/ips-logs-to-syslog/m-p/2701850#M44963 <P>Sorry but the classic Cisco IPS such as you have only support export via Cisco's proprietary SDEE transport method.</P><P>IPS intrusion events on those platforms cannot be sent out by syslog. The reason I've heard why is because UDP is deemed unreliable and insecure for security management.</P> Wed, 06 May 2015 20:01:09 GMT https://community.cisco.com/t5/network-security/ips-logs-to-syslog/m-p/2701850#M44963 Marvin Rhoads 2015-05-06T20:01:09Z https://community.cisco.com/t5/network-security/ips-logs-to-syslog/m-p/2701851#M44964 <P>Thanks for the clarification.</P><P>So is there anyway we can be aware of when someone tries to login to the IPS, do login logs being made for success or denied attempts ?</P> Fri, 08 May 2015 06:54:03 GMT https://community.cisco.com/t5/network-security/ips-logs-to-syslog/m-p/2701851#M44964 ummerishtiaq 2015-05-08T06:54:03Z