Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
497
Views
0
Helpful
2
Replies

How to Save CSPM Event/Intrusion Log

waynepua
Level 1
Level 1

‎02-19-2002 01:03 AM - edited ‎03-08-2019 09:51 PM

Under CSPM Event Viewer, where does all the events get saved and what program do u use to read it ? I wanted to purge the old log (it has exceeded 10,000 record) but can find any Save function provided in CSPM.

In IDS Director, I would usually do a Show alarm details for a particular Sensor and save all logs to a file. Is there a file where all this info is saved or other ways to save these alarm log info ? Thanks in advance.

Labels:
0 Helpful
2 Replies 2

dlac455
Level 1
Level 1

‎02-19-2002 05:44 AM

Appears everything is stored in (which vendor?) a database. Use cvtnrlog.exe to dump to a log file. Someone posted a Perl script to email the notifications. I modified it to run on the NT scheduler and weekly run cvtnrlog.exe and dump to a date stamped log file, then email me the results. Post an email address back, and I'll send you the Perl script.

0 Helpful

waynepua
Level 1
Level 1
In response to dlac455

‎02-19-2002 11:33 PM

Hi,

is that a similar command from Cisco for IDS Director to perform the same thing ?

0 Helpful
Customers Also Viewed These Support Documents