Alerts get generated, but no Alert description, my notification is supposed to look like this:
High Severity Alarms
from sensor ${HostID}
IDS alarm ${SigID}${SubSigID} @ ${DateStr}${TimeStr}
SourceIP: ${SrcIpAddr} DestinationIP: ${DstIpAddr}
SourcePort:${SrcIpPort} DestinationPort:${DstIpPort}
${AlarmDetails}
with the Include Event Description box checked, yet my notifications look like this:
IDS alarm 51680 @ 2002/02/0503:02:26
SourceIP: 148.244.139.17 DestinationIP: 10.15.36.70
SourcePort:1826 DestinationPort:80
No alarm detail.
I also noticed my application event log is getting full with mostly one of these three messages:
The description for Event ID ( 256 ) in Source ( CUPS ) could not be found. It contains the following insertion string(s): E-Mail: notification.
or,
The description for Event ID ( 256 ) in Source ( CUPS ) could not be found. It contains the following insertion string(s): Updated contents of reclaim targets.
(WinError 0).
or,
The description for Event ID ( 256 ) in Source ( CUPS ) could not be found. It contains the following insertion string(s): Updated contents of reclaim targets.
(WinError 0).
Is this related, has anyone seen this before, and any Ideas on how I can get this resolved... Any help appreciated.
Thanks.