Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
412
Views
4
Helpful
1
Replies

How to monitor the IDSM engine?

hoffa2000
Level 3
Level 3

‎02-16-2009 04:21 AM - edited ‎03-10-2019 04:30 AM

Greetings

I've been trying to solve this since I got my IDSMs a year ago. How can I be notified when the IDSM monitor engine crashes, as it does a few times a month.

I've tried to set up various 3rd party tools to monitor SNMP and/or ping availability but none of these can give any accurate indication of a failure.

Any suggestions?

Regards

Fredrik

Labels:
0 Helpful
1 Reply 1

rhermes
Level 7
Level 7

‎02-16-2009 09:40 AM

This is a common problem with all sensors. Unfortunately there are several failues that a sensor can experience. To test all aspects of a sensor, create a custom signature tha twill fire on any traffic with a summary (so you only get an alert every X min). Then feed this event (SDEE or Syslog) into a system that looks for the absence of the event.

We call it a heartbeat sig. Cisco borrowed the idea and was going to put it into 6.0 as a standard signature, but for some reason abdoned the feature.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card