
IDS Log analysis

emily
Level 1

I have many log.YYMMDD files on my FTP server, and I want to use Private-I to analyze them. What tool can combine these many log.YYMMDD files into one file?

Thanks for your help

3 Replies

kleem
Cisco Employee

I am not familiar with how the Private-I tool operates; you may want to refer to their documentation about what it expects as input. Meanwhile, you ought to be able to 'cat log.* > ids.log' in the directory with the logs (on a Unix host) or 'FOR %f IN (log.*) DO type %f >> ids.log' from the command prompt on a Windows host to combine all the log.date files into one file.
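
A more defensive take on the `cat log.*` suggestion above, as an added example that is not part of the original thread: it merges only names of the form log.YYMMDD, oldest first, and overwrites the output so that re-running it does not duplicate records. The function name `merge_ids_logs` and the sample records are constructed for illustration.

```shell
#!/bin/sh
# merge_ids_logs DIR OUTFILE
# Concatenate DIR/log.YYMMDD files into OUTFILE and print how many were merged.
# (Hypothetical helper name; not part of any Cisco or Private-I tooling.)
merge_ids_logs() {
    dir=$1
    out=$2
    tmp="$out.tmp.$$"
    count=0
    : > "$tmp" || return 1
    # Globs expand in sorted order, so YYMMDD names come out oldest-first
    # (as long as all files fall within the same century).
    for f in "$dir"/log.[0-9][0-9][0-9][0-9][0-9][0-9]; do
        [ -f "$f" ] || continue      # no match leaves the pattern literal
        cat "$f" >> "$tmp" || { rm -f "$tmp"; return 1; }
        # If a file lacks a trailing newline, add one so its last record
        # does not fuse with the first record of the next file.
        if [ -s "$f" ] && [ -n "$(tail -c 1 "$f")" ]; then
            echo >> "$tmp"
        fi
        count=$((count + 1))
    done
    mv "$tmp" "$out" || return 1     # replace, never append: safe to re-run
    echo "$count"
}

# Demo on constructed sample files (placeholder records, not real sensor output).
demo=$(mktemp -d)
printf 'record-a\n' > "$demo/log.010105"
printf 'record-b'   > "$demo/log.010203"   # no trailing newline
printf 'record-c\n' > "$demo/log.010301"
printf 'ignore\n'   > "$demo/log.old"      # not a dated log, so it is skipped
merged=$(merge_ids_logs "$demo" "$demo/ids.log")
echo "merged $merged files into $demo/ids.log"
```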

Thanks for your response, but I want to know what tool can be used to analyze these log files.

kleem
Cisco Employee

Use the Cisco IDS management application (CSPM) to receive/view alarms and create reports. CSPM communicates directly with the Sensors so that events are received in "real-time", avoiding the delay created by FTPing the files periodically. Cisco does not have a separate tool which pulls in log files and analyzes them. Some of our partners, which are consumers of our alarm data, may have such a tool, but most of them take a direct feed like CSPM.