Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
749
Views
0
Helpful
2
Replies

IPS Logs to Syslog

ummerishtiaq
Level 1
Level 1

‎05-05-2015 06:21 AM - edited ‎03-10-2019 06:22 AM

We are using IPS Modules AIP SSM 20 in ASA 5520 and software based IPS in 5525-X.

We want to send their logs to an external syslog server. Is that possible ?

 

Currently IME is managing all the alerts and notifications via emails.

But our requirement is to get IPS logs in external Syslog Server.

Labels:
0 Helpful
2 Replies 2

Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-06-2015 01:01 PM

Sorry but the classic Cisco IPS such as you have only support export via Cisco's proprietary SDEE transport method.

IPS intrusion events on those platforms cannot be sent out by syslog. The reason I've heard why is because UDP is deemed unreliable and insecure for security management.

0 Helpful

ummerishtiaq
Level 1
Level 1
In response to Marvin Rhoads

‎05-07-2015 11:54 PM

Thanks for the clarification.

So is there anyway we can be aware of when someone tries to login to the IPS, do login logs being made for success or denied attempts ?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card