IDSM-2 ip-log default question?

Unanswered Question
Dec 31st, 2008
User Badges:

Ok so, I have recently enabled log-pair-packets on signatures without changing the ip-log defaults, which from all documentation and posts in this forum reads that it defaults to 0 packets, 30 minutes, 0 bytes. But when I look at iplog-status at the CLI, I see that all ip logging on these event-triggered logs are

any length bytes/packets

30 second (not minutes!) exactly

my question is if the documentation is wrong? Also the documentation says after any 1 condition is met then it will stop logging, but if bytes = 0 and packets = 0, wouldn't that mean it wouldnt log at all? Or does that mean it does not check that parameter.

I can always do a test scenario myself, but I wanted to ask the community first if they have also found that the documentation is wrong in saying 30 minutes and it being really 30 seconds. Thanks in advance!


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion