I have installed an AIP-SSM module on my ASA's lab and I cant get it to fire any signatures. I do see traffic going thru the interfaces which makes me think it's not an issue with the ASA Config, however I dont see any sigs even if I generate events that would fire one such a TCP port scan or bitorrent.
I have assigned an interface to the vs0 and configured the basic stuff but still I'm not getting any hits. One thing I noticed is this unsual message on the logs:
Hope you are doing great. Have you tried with the very basic ones? 2000 and 2004 for ICMP traffic? Enable them and put the action to produce alert.
Then go to Monitoring and set an IP logging. Use the IP addresses that you are trying to ping to make a packet capture (ip logging ), start it, send the ping and then stop the IP logging, after that the IP logging either will dissapear (meaning the packets are not getting to the virtual sensor) or appear but the action is not taken.
On the home page you can also see the state of the analysis engine, it normall stucks in compiling signatures, but analysis engine should be back.