cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
722
Views
0
Helpful
1
Replies

can someone guide me on how to add IDS onto CSM and then forward the IDS related alerts/logs to SIEM tools

tejasvita
Level 1
Level 1

We have a requirem,ent of adding IDS to CSM and then forward the IDS related logs to SIEM tool . Please suggest

1 Reply 1

rhermes
Level 7
Level 7

You can use these instructions to add a IPS sensor to CSM (they haven't changed much since 3.x) if you need better or more current instructions, hit the "HELP" link on your CSM screen:

http://www.cisco.com/en/US/partner/products/ps6498/products_tech_note09186a0080846d67.shtml

CSM does not forward events, but you CAN connect your SIEM directly to your sensor if your SIEM has an SDEE client. The sensor can support up to 4 or 5 simultaneous clients, providing each of them an event feed. (the IPS Sensor is an SDEE server)

- Bob

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: