All the routers in my network are configured in a manner so that when I attempt a telnet connection, I have to enter in a username and password. If I type in my username incorrectly, the router returns the following message...
% Login invalid
All these routers have logging enabled and are sending messages to the IDS 4250.
I'm trying to create a custom signature so that when the router returns % Login invalid, my IDS will display a message within IEV.
With that said, what would the RegexString value look like for this??