Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
507
Views
0
Helpful
1
Replies

Need help in generating L4 Traffic monitor logs

harshad_kashikar
Level 1
Level 1

‎03-16-2013 04:57 AM

Hi,

As a part of my project I need to study different types of logs produced by Cisco IronPort. I could generate some access and authentication logs however not sure about generating the L4 Traffic Monitor logs. Can anyone point me to right documentation that will help me generate those logs?

Thanks,

Harshad Kashikar

Labels:
0 Helpful
1 Reply 1

brock.frary
Level 1
Level 1

‎03-19-2013 05:08 AM

Harshad,

L4 Traffic Monitoring needs to be configured within the IronPort - first question is do you have a SPAN/TAP port set up on your switch to capture L4 traffic?

Second, I only use this feature to capture information on malware/spyware - I have seen P2P, IRC, and 'phone-home' traffic amongst other things.  Do you have an infected host you can monitor?

BF

0 Helpful
Customers Also Viewed These Support Documents