Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
638
Views
0
Helpful
1
Replies

IDSMC 2.0.1 How to see the total IDS Events in Database

g.schaarup
Level 1
Level 1

‎02-10-2005 05:39 AM - edited ‎03-10-2019 01:16 AM

If I:

1.

In "Security Monitor" - "Data Management" - "Database" - "Rules" specify a trigger condition "Notify via e-mail" and set the trigger action "Total IDS events in database exceed" to 50000

2.

Then in the "Security Monitor" - "Monitor" - "Events" - Lanch Event Viewer with "Event Start Time" set to "At Earliest".

3.

And deletes all events from database. Then after a while the trigger action for 50000 IDS events is triggered and send the e/mail notification even though I only see a few thousand event in the in the Security Monitor.

4. Is this a bug (that the Security Monitor only show a few thousand events) or is the another way to see the total number of IDS events in the database ?

Thanks

Gert

Labels:
0 Helpful
1 Reply 1
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card