Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
369
Views
0
Helpful
1
Replies

How to display events of only one IPS in Security Monitor?

g.froehlich
Level 1
Level 1

‎08-11-2005 11:57 PM - edited ‎03-10-2019 01:34 AM

Hello,

i searched the forum with no result. I have CW 2.2 with IDSMC 2.1. I got two IPS and 2 IDSM-2 (4.x is in production / 5.x is in test) which have all their four interfaces sniffing in different network segments. Now i am flooded by the thousands of messages from the internet with no possibilty to just concentrate my view on the events generated on only one special interface of a single IPS.

To temporarily focus only one one interface of a single IPS how can i filter the events in Security Monitor to only display the events of a this device and a single interface?

This would be extremly helpfull for to simulate attacks in an test environment with shuning/blocking. I have rare possiblities to set up a second CW IDSMC on another machine. And after all, i would appreciate to focus (filter) in that way for later examining my network to tune signatures and events.

Furthermore, on IEV 4.1 i was able to get a real time dashboard showing 'real time' events. I did not see this functionality for IPS 5.x and IDSMC. How can i view real time data there to see my networks reaction to simulated attacks.

Any ideas how to only display only wanted data in Security-Monitor?

Thanks in advance, Gerhard

Labels:
0 Helpful
1 Reply 1

umedryk
Level 5
Level 5

‎08-18-2005 05:43 AM

As far as I know, you cannot display the events of only one IPS in Sec Mon.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card