Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
527
Views
0
Helpful
3
Replies

IOS 12.3 IP/FW/IDS Logging question

slade
Level 1
Level 1

‎04-12-2005 11:17 AM - edited ‎03-10-2019 01:23 AM

Hello, I have a little 26xx running 12.3 with IP/FW/IDS. I am logging to a syslog server. The problem is, I get a large amount of ICMP sig log entries (especially #2004 ICMP Echo Request). I want to continue using the IOS IDS module on the router to handle all the sigs it is now, just I want to selectively choose which ones I am notified of. For example, I would like to disable notification for sig 2004 but not disable the sig globally. Any advice is appreciated.

Labels:
0 Helpful
3 Replies 3

umedryk
Level 5
Level 5

‎04-18-2005 11:56 AM

Either you can remove the IDS response as log or you can selectively choose which messages can turn up at syslog server.

0 Helpful

slade
Level 1
Level 1
In response to umedryk

‎04-19-2005 07:54 PM

Great, how do you selectively choose what messages are logged to the syslog server?

0 Helpful

daftary
Level 1
Level 1
In response to slade

‎04-27-2005 05:23 PM

you can disable signatre 2004 by the config cmd:

ip ips sig 2004 disable

You can also configure this signature to send logs only for selective traffic using the cmd:

ip ips sig 2004 list

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card