Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
433
Views
0
Helpful
3
Replies

configure secure ids version 4 to send the events to netforensics

fengluo
Level 1
Level 1

‎10-06-2004 03:05 PM - edited ‎03-09-2019 09:01 AM

I have 13 sensors, but only 9 can be seen in netforensics, I don't know what to check to make sure other sensors are sending event to netforensics.

Philip

Labels:
0 Helpful
3 Replies 3

pcomeaux
Cisco Employee
Cisco Employee

‎10-06-2004 05:10 PM

4.x sensors do not send data to external servers.

External servers, such as NF or IEV or Sec Mon need to collect the data from the sensor by way of a subscription. So this would be the first thing to check within NF - make sure NF is configured to collect from all the sensors you would like.

Also, the sensors need to permit the IP address of the NF server to communicate with it. So this would be the 2nd thing to check.

Please let us know if you need details on how to check each of these items. If so, tell us what you are using to manage the sensors - CLI, IDM or IDS MC.

thanks

peter

0 Helpful

fengluo
Level 1
Level 1
In response to pcomeaux

‎10-07-2004 06:07 AM

I am using VMS and IDS MC to manage the sensors.

0 Helpful

pcomeaux
Cisco Employee
Cisco Employee
In response to fengluo

‎10-07-2004 10:36 AM

Ok - you need to ensure that within IDS MC that the sensors in question permit the IP address of the NF device to manage it under "Configuration --> Settings --> Communications --> Allowed Hosts"

As mentioned before, also check to see if the other 4 sensors have been configured within NF.

thanks

peter

0 Helpful
Customers Also Viewed These Support Documents