Read IPS IP Log file

Unanswered Question
Mar 5th, 2009
User Badges:

Hello, I have a IPS-SSM-20 (6.2.1) and I'm using IME 6.2 to manage it. On IME-> Configuration->Time Based-> IP Logging is possible to capture a particular IP traffic and download the file. Does someone know, once downloaded, how to read it ?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rhermes Thu, 03/05/2009 - 08:28
User Badges:
  • Gold, 750 points or more

While I don't specifically remember "time based" capture, I have performed captures based on a source or destination IP address on the AIP-SSM modules. They are saved on the module in pcap format. This is a standard packet capture format used by any packet sniffer, such as Wireshark (free)

Download the pcap and open with Wireshark. Make sure you try out the "follow TCP stream" option in Wireshark, it's great for following a single session.


This Discussion