08-20-2007 06:14 AM - edited 03-10-2019 03:45 AM
Hi - I'm not very familiar with MARS and I'm trying to get SNMP messages sent to a NetView box when MARS identifies a High/Red alert. I created a rule that says send any of these, from and to any device, to our NetView server but so far none have arrived. (We don't get many but there appears to be at least one Red alert/day.) Would it send the alert if it's Red but turns out to be a false positive? I also tried changing an existing rule that gets triggered a lot (ARP poisoning)just to see if it would send the snmp msg but that didn't work either. The communication is fine between the boxes. I don't know what else to check. Any help will be greatly appreciated! Thanks.
08-21-2007 05:46 AM
It was rebooted and it's working now.
08-21-2007 07:19 AM
Thanks for the update. It confirms what I have found out from past experience with Cisco Security appliances:
When in doubt regarding a problem that you think you are approaching correctly, and if you have a Maintenance Window, a reboot is a good choice of action.
At minimum, once the reboot is complete you will know that a reboot was not the issue.
08-23-2007 05:05 AM
I guess I thought it would behave better than this! for example, I changed a rule to send me xml notification and it wouldn't "stick" until I rebooted it. Not too impressive :)
Thanks for the feedback.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide