Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
580
Views
0
Helpful
3
Replies

Analysis Engine Not running

lcuchisanmillan
Level 1
Level 1

‎08-21-2006 01:32 AM - edited ‎03-10-2019 03:10 AM

When i do "sh ver" over an IDS 4250XL 5.1(1)S243.0 it appears:

...

AnalysisEngine 2006_Feb_08_13.09 (Release) 2006-02-08T13:52:38-0600 NotRunning

...

What does it imply? How can i start it?

Thanks,

Labels:
0 Helpful
3 Replies 3

sean.martin
Level 1
Level 1

‎08-21-2006 08:18 AM

If the ananlysis engine is not running, your sensor is not analyzing dumped traffic (and is therefore useless).... To get it started, follow the steps below.

1. Create a service account user in CLI or IDM

2. Login using service account in CLI

3. Switch to root user by typing su and service account pwd

4. Type the following command at bash-2.05b# prompt: /etc/init.d/cids restart

5. To check if the sensor is "up" again, type su cisco. Then do a show version.

6. If you still experience issues, exit back to the service account and type reboot.

If the helps, please rate me..

Cheers,

Jay Walker

0 Helpful

lcuchisanmillan
Level 1
Level 1
In response to sean.martin

‎08-22-2006 02:56 AM

Thank you. It works with an IDS 4250, but with an IDS 4250XL is stopped again almost inmediately (what i do not understand.

0 Helpful

mcampigl
Level 1
Level 1
In response to lcuchisanmillan

‎08-22-2006 12:56 PM

Were you upgrading to 5.1? Check if you have a license. We also have seen this behavior with AEs with a very diferent date than the other two services. Unfortunatelly we have reimaged those sensors to recover them.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card