05-06-2011 12:34 AM - edited 03-10-2019 05:20 AM
Hi all,
Can We get the logs generated by the IPS module. My customer is going for Auditing and thus he wants logs generated by the AIP-SSM. Kindly Let me know how to do it.
Thanks & Regards
R.MADHANKUMAR
Solved! Go to Solution.
05-06-2011 08:00 AM
When you say logs, I will assume you are talking about the Signature Events generated by your AIP-SSM.
These events are accessible on the sensor in a circular buffer. You can see them in the CLI with the "show events alerts past hh:mm" command, but once that buffer wraps the old events will be overwritten. Exporting events off the sensor is only allowed via a protocol called SDEE. Only a few devices talk this protocol. If you are running a copy of IPS Manager Express (IME, it's free for a few devices) to manage your sensors, you can export the events to HTML or CSV In the Event Monitoring Tab, select Other > Save "save as HTML or CSV.
- Bob
05-06-2011 08:00 AM
When you say logs, I will assume you are talking about the Signature Events generated by your AIP-SSM.
These events are accessible on the sensor in a circular buffer. You can see them in the CLI with the "show events alerts past hh:mm" command, but once that buffer wraps the old events will be overwritten. Exporting events off the sensor is only allowed via a protocol called SDEE. Only a few devices talk this protocol. If you are running a copy of IPS Manager Express (IME, it's free for a few devices) to manage your sensors, you can export the events to HTML or CSV In the Event Monitoring Tab, select Other > Save "save as HTML or CSV.
- Bob
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide