If we have both CS MARS and CSA to monitor network devices, and we have all servers send logs to CSA only and then CSA send logs to CS MARS, is that going to affect the result of vulnerability scanning done by CS MARS on servers as in order for CS MA...

I would like to know if we can customize CS MARS to receive and understand logs from Tippingpoint IPS.I would like create a drop rule or customized rule that says that anything followed by the event "dropped package by IPS" is system determined false...