I was wondering if anyone had any good MARS tutorials or reference materials? I can't seem to make this thing do anything useful, partly due to rather limited access to the program, but mainly due to my lack of knowledge of what it can potentially do.
I am familiar with VMS, and I really like the view of all the events in the grid where you can go by each event and analyze them. Is there anything like this in MARS? This sort of functionality would make it a lot easier to transition to MARS.
I know there is a manual for it, however, I either cannot locate it on Cisco's website or it isn't available to my current account level. My coworkers have access to it, but can't seem to remember to send it to me.
Thanks in advance, and I apologize for the nooby question!
Here is mine. Kudos to mhellman for mentioning the Google group!
Bibliography and Websites
1. Security Threat Mitigation and Response by Dale Tesch. Published by Cisco Press, 2006.
5. Cisco MARS User Group. You must be signed in and a member of this group to view its content:
7. Security Monitoring with Cisco Security MARS by Gary Haleen. Published by Cisco Press, 2007.
Hope this helps.