Re: Local Time in Security Monitor

cburgarella · ‎08-27-2003

Hi all,

The VMS server i manage shows alerts from IDS sensors with local time 6-7 hours in the past.

The same server is receiving logs from a couple of PIX.

Doesn't seem a problem of cpu or ram overload cpu 2%.

but the idsmdc.db file is about 900MB in size and the idsmdc.log 3GB.

How can i re-sinchronize it all and view alerts in real time?

Please Help!!!

pcrgm1119 · ‎08-28-2003

I had the same problem, only 9 hours was my differential. I run an ISDM-1 in a 6509 with VMS 2.2 security mon. I have NTP running so the clock on the blade and switch match. What I found, after not getting any sort of answer from TAC is this. I plugged a mon and keyboard on to the ISDM. IT runs on NT 4.0 and defaults its time zone to "Ekaterinburg GMT +5". Once I set the VMS box to the same time zone it "sync'd" the times. I have tried adjusting the time zone on the ISDM, but on reboot it resets to default.

marcabal · ‎08-28-2003

The timezone is not resetting back to defaults, instead it is syncing to the timezone that was configured on your switch.

You need to check the time, and timezone (including offset) as configured on your switch. The switch passes this information to the IDSM.