https://community.cisco.com/t5/network-security/exfiltration/m-p/2134581#M54407 <HTML><HEAD></HEAD><BODY><P>Not easy to grt that directly from IPS. Send alert logs to Splunk and create Splunk query to detect low volume attacks.<BR /><BR />Sent from Cisco Technical Support iPad App</P></BODY></HTML> Thu, 15 Nov 2012 21:37:11 GMT roshan.maskey 2012-11-15T21:37:11Z https://community.cisco.com/t5/network-security/exfiltration/m-p/2134580#M54406 <P>How do i go about checking to see if our IDS can detect "low and slow" data exfiltration?&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </P> Sun, 10 Mar 2019 12:49:27 GMT https://community.cisco.com/t5/network-security/exfiltration/m-p/2134580#M54406 nancy.f.lee 2019-03-10T12:49:27Z https://community.cisco.com/t5/network-security/exfiltration/m-p/2134581#M54407 <HTML><HEAD></HEAD><BODY><P>Not easy to grt that directly from IPS. Send alert logs to Splunk and create Splunk query to detect low volume attacks.<BR /><BR />Sent from Cisco Technical Support iPad App</P></BODY></HTML> Thu, 15 Nov 2012 21:37:11 GMT https://community.cisco.com/t5/network-security/exfiltration/m-p/2134581#M54407 roshan.maskey 2012-11-15T21:37:11Z