cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1598
Views
0
Helpful
0
Replies

Cisco ISA 3000 IDS Logs Question

danmartinnorhrop
Beginner
Beginner

Hello,

 

I am in search of helpful documentation or advice on how to view IDS specific logs on a Cisco ISA 3000.

 

Currently we have a minimally configured firepower ISA 3000 device configured in our test environment and we are throwing several nmap scans and are looking to test with other "attack like traffic" just to understand our device capability and see if we need to do further tuning.  Our end goal is to get the ISA 3000 to a point where it is detecting "attack like traffic" and not alarming on our own known good traffic

 

The problem is using ASDM we are not really seeing what we would expect in the logs.  Basically, it looks like we are mainly seeing system specific log information and we are not seeing the "attacker like traffic" being reported by the device.  So either we are not looking at the right location within the logs or the device needs to be further configured.  Perhaps someone else has some advice.

 

R

Joe

0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: