Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I've been attempting to upgrade the signatures on my sensors and have been running into walls. I am continuously receiving this error: An error occurred while running the update script on the sensor named XXXXXids1. Detail = CLI Error: "The host is ...
I'm looking for recommendations on the best way to archive(export) my events from Security Monitor for at least 4 weeks and if asked...import the event log into SM for research. All of my sensors are at the 4.x version. Is that even possible???
In CSPM we were able to view archived log files for research purposes. Is that possible to do with VMS? I attempted the restore process, but it doesn't allow you to just "view" past events.
Hello...We are looking to install both IDS and PIX components on one server. I was reading some of the items in the forum and was given the impression that it would be better if the two were split and installed on different servers. Can someone ple...
I can't seem to get the pruning utility to work. I keep getting this message:IDS Purge Error: SybaseESql::connect: Specified database is invalid The command line that I use is "IdsPruning -r"alert,syslog" -c10000" Anyone have ideas???
New question...I added -d and it seemed to go through, but now I receive this:IDS Import Idiom Parsing ErrorXML Parser Not Well Formed (invalid token)HELP!!!
I turned off the IDS_receiver process and I ran the command idsimportidiom -f"test.txt" and it continues to say the IDS_receiver process is still running. Am I missing something???
In Security Monitor. Go to "Administration" "Process Management" choose "stop process" and stop only the IDS_Receiver process. Once it has been stopped. Start it again and it should show connected.
With the two co-existing on the same server will there be a performance issue??? We have over 40 IDS sensors and over 30 PIX firewalls. Would you recommend the same set up??? We are essentially looking for the most optimal performance from this so...
