Hi,
We have an IPS 4240. We do not have any SNMP logging, but there are many alerts of High severity and we would like to know all that are of High severity. But when we query the event viewer, it shows only the last 3 days. Does this mean the logs are getting overwritten?
section Cumulative number of each type of event
Status events 78455
Shun request events 0
Error events, warning 447
Error events, error 480
Error events, fatal 0
Alert events, informational 2137338
Alert events, low 60847
Alert events, medium 292
Alert events, high 5199
Alert events, threat rating 0-20 239092
Alert events, threat rating 21-40 1898253
Alert events, threat rating 41-60 64126
Alert events, threat rating 61-80 1413
Alert events, threat rating 81-100 792
Any way we can get information on all the 792 high severity events if they are not sent to any logging server?
What is the capacity of the event store? Can we enable the event store so that it stores only events of high severity rather than all informational events as well?
Rgds,
Tauseef