Is there a way to get real-time notifications on security events on a ssm module I have installed in my ASA? Are SNMP traps the only option? Also under the ASDM home/Intrustion Prevention page, the sensor health section has event retrieval marked as critical "not retrieved". How do I clear this? I've view the events on the module, and this does not clear it. Does this have to do with the MARS product??
No problem at all, glad you have it working :)
You can use IME to monitor the IPS in real-time. It also supports real-time event management for five IPS devices. Have a look at it:
It is freely available for all customers have a valid service contract. Make sure you are running 6.1.x code to utilize the performance management features of IME.