https://community.cisco.com/t5/network-security/ips-log-report-looking-for-cisco-solution/m-p/1729541#M65023 <P>Dear All,</P><P></P><P>I am looking for a cisco solution which can give me schedule mail with IPS log report. Below is what I am looking for,</P><P></P><P>A) Periodically mail me with IPS log report. such as daily or weekly.</P><P>B) The report should include <STRONG>Source addres+Destination Address+Timestamp+SignatureID+SignatureName.</STRONG></P><P>C) Please see the <STRONG>attchaed file 01</STRONG> - which I used to get in my previous organization from Cisco VMS. It was a 1 day report for 1 of the IPS back in 11th May 2008.</P><P></P><P>Now here is what I have gone through,</P><P></P><P>1) I am looking for a cisco solution.</P><P>2) I have check with IME 7.x. <STRONG>They can not mail report</STRONG>. But they can generate report on specfic formate. T<STRONG>hese reports are either Source or Destination or Signature based.</STRONG> I am not able to get the Report like I said above in point no (B).</P><P>3) I am currently checking with cisco CSM. Only difference with IME I found is that it can take log from Firewall and It can mail the report periodicaly. But the Report format is still same for IPS.</P><P>4) The report generated by IME and CSM are same and not very effective in a sence that it wont have the full information. <STRONG>I mean when [time] "X" type [signature name/ID] attack is happend by "Y" [SourceIP] source to "Z" [Destination IP] destination. </STRONG>This is what I mean at point (B) which I used to get with VMS.</P><P>5) I am not sure whether by CSM I can customize report and get the type of Report that I am looking for. If anyone know that it is possible through CSM please share with me.</P><P>6) We have Syslog-NG but we want something viewable for Management's understanding.</P><P></P><P></P><P>Please it will be very helpful for me, if anyone can tell me whether cisco currently has a solution which can effectivity report like this type. Please let me know.</P><P></P><P></P><P>Thanks//</P><P>Adnan</P> Sun, 10 Mar 2019 12:22:35 GMT AdnanShahid 2019-03-10T12:22:35Z https://community.cisco.com/t5/network-security/ips-log-report-looking-for-cisco-solution/m-p/1729541#M65023 <P>Dear All,</P><P></P><P>I am looking for a cisco solution which can give me schedule mail with IPS log report. Below is what I am looking for,</P><P></P><P>A) Periodically mail me with IPS log report. such as daily or weekly.</P><P>B) The report should include <STRONG>Source addres+Destination Address+Timestamp+SignatureID+SignatureName.</STRONG></P><P>C) Please see the <STRONG>attchaed file 01</STRONG> - which I used to get in my previous organization from Cisco VMS. It was a 1 day report for 1 of the IPS back in 11th May 2008.</P><P></P><P>Now here is what I have gone through,</P><P></P><P>1) I am looking for a cisco solution.</P><P>2) I have check with IME 7.x. <STRONG>They can not mail report</STRONG>. But they can generate report on specfic formate. T<STRONG>hese reports are either Source or Destination or Signature based.</STRONG> I am not able to get the Report like I said above in point no (B).</P><P>3) I am currently checking with cisco CSM. Only difference with IME I found is that it can take log from Firewall and It can mail the report periodicaly. But the Report format is still same for IPS.</P><P>4) The report generated by IME and CSM are same and not very effective in a sence that it wont have the full information. <STRONG>I mean when [time] "X" type [signature name/ID] attack is happend by "Y" [SourceIP] source to "Z" [Destination IP] destination. </STRONG>This is what I mean at point (B) which I used to get with VMS.</P><P>5) I am not sure whether by CSM I can customize report and get the type of Report that I am looking for. If anyone know that it is possible through CSM please share with me.</P><P>6) We have Syslog-NG but we want something viewable for Management's understanding.</P><P></P><P></P><P>Please it will be very helpful for me, if anyone can tell me whether cisco currently has a solution which can effectivity report like this type. Please let me know.</P><P></P><P></P><P>Thanks//</P><P>Adnan</P> Sun, 10 Mar 2019 12:22:35 GMT https://community.cisco.com/t5/network-security/ips-log-report-looking-for-cisco-solution/m-p/1729541#M65023 AdnanShahid 2019-03-10T12:22:35Z https://community.cisco.com/t5/network-security/ips-log-report-looking-for-cisco-solution/m-p/1729542#M65025 <HTML><HEAD></HEAD><BODY><P>Dear Adnan</P><P></P><P>This kind of reporting is not possible to my knowledge.</P><P></P><P>You can send / export your&nbsp; alterts via SNMP traps or any other method and then use a third-party tool to generate such reports e.g. Arcsight logger, Splunk etc.</P><P></P><P>Both offer free versions (with limitations) that might fit in your scenario.</P><P></P><P>Regards</P><P></P><P>Farrukh</P></BODY></HTML> Thu, 16 Jun 2011 13:44:31 GMT https://community.cisco.com/t5/network-security/ips-log-report-looking-for-cisco-solution/m-p/1729542#M65025 Farrukh Haroon 2011-06-16T13:44:31Z https://community.cisco.com/t5/network-security/ips-log-report-looking-for-cisco-solution/m-p/1729543#M65026 <HTML><HEAD></HEAD><BODY><P>It seems this should be a CSM function, but it's not...or not easy to do.&nbsp; Why is that?&nbsp; This seems like a no-brainer...</P></BODY></HTML> Thu, 20 Oct 2011 16:12:46 GMT https://community.cisco.com/t5/network-security/ips-log-report-looking-for-cisco-solution/m-p/1729543#M65026 rrfield 2011-10-20T16:12:46Z