Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
840
Views
0
Helpful
1
Replies

Forwarding IDS logs to Symantec SSIM

machaleshamsundar
Level 1
Level 1

‎04-03-2009 12:23 AM - edited ‎03-10-2019 04:34 AM

Hi,

I want to forwards Cisco IDS logs to Symantec Security Manager device. But i am not getting procedure for implementing it.

Thanks & Regards,

Shamsundar.

Labels:
0 Helpful
1 Reply 1

rhermes
Level 7
Level 7

‎04-03-2009 08:43 AM

Check if your Symantec Security Manager supports SDEE, if it does, make it an SDEE client to the sensor's SDEE server.

If it doesn't you'll have to modify each signature (or globally via an event action override) you want an event sent and enable the request-snmp-trap action. This will cause a trap to be issued when those signatures fire. The SNMP trap will contain less information than the SDEE message.

http://www.cisco.com/en/US/docs/security/ips/6.2/configuration/guide/cli/cli_event_action_rules.html#wp1113302

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card