how to integrate IPS LOGS in to SIM ( Symantec Information Manager)

Unanswered Question
May 18th, 2010
User Badges:

Can any one tell me how to integrate IPS logs in to Symantec Information Manager and the Logs format.

Thanks for your help


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
johan.kellerman Wed, 05/19/2010 - 00:47
User Badges:


You have to use SDEE to collect events (log entries) from the sensor. I believe that SIM supports SDEE otherwise your are left with SNMP/SNMP traps which is not a good choice for this since you have to tweak signatures. Syslog is unfortunately not an option.


Johan Kellerman


This Discussion