Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
461
Views
0
Helpful
3
Replies

EVENT VIEWER PROBLEM

g.rodegari
Level 1
Level 1

‎04-18-2002 12:08 AM - edited ‎03-08-2019 10:21 PM

Hi,

some weeks ago I worked with a 4230 sensor and a CSPM 2.3.3 (i), now I'm working with the same CSPM and a new 4210 sensor.

In the first case and in the second I've experimented the same problem:

some event signature are found but not showed in the event viewer, (for example a telnet connection). Note that the event is configured with high priority (and not filtered) and in the signature the response are "log" and "shun"

At the event occurrence the ip is properly logged and shunned to the managed device (PIX6.1) (the event is also showed with the "snoop" command at the sensor's root level) but not notificated in the event viewer, Can anyone tell me WHY?

This is not a problem, shure... but my customer if does not see it does not believe!

Thanks in advance,

Graz.

Labels:
0 Helpful
3 Replies 3

g.rodegari
Level 1
Level 1

‎04-19-2002 04:04 AM

Hi,

I've noted that with the default signature Its works.

Thanks,

GRAZ

0 Helpful

HEATH FREEL
Level 1
Level 1

‎04-23-2002 08:15 AM

I just ran into a similar issue. I recently upgraded from 3.0(5)S4 to 3.0(5)S17. Before the upgrade the event viewer was stable. Since the upgrade, it seems log half of the actual alarms.

What Signature Version are you running?

0 Helpful

g.rodegari
Level 1
Level 1
In response to HEATH FREEL

‎04-24-2002 02:47 AM

I think 3.0(5)S4...

Bye

Graz.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents