02-03-2010 06:18 PM
I'm trying to write a script that will pull IPS events off of our ASA IPS SSM module and write them to our log management system. I have a script that successfully pulls the alert events. I also want to pull the error, status, and log transaction events however there is no guarantee when these events will happen so I can't write the script and pull the XML schema through the debug process. I need to have these scripts in place so that if/when these events happen they will get loaded to my log management system.
Does anyone have the XML schema for the evIdsStatus, evIdsError, or evIdsLogTransaction events?
Thanks.
03-01-2010 01:02 PM
hi Snowmizer,
Would it be possible you could share that script? Do you have any information on the sdee command syntax so that it would be possible to pull data from ASA IPS modules?
regards,
m.w
05-04-2010 08:38 AM
If I still had the script. I did an upgrade on the product that was using it and now it's gone so I've got to recreate it. Just a bit short in getting the backup set up on that server before I lost it.
When I get it re-written I can possibly post it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide