Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)

Anomaly Detection

Guys,

I need to create my KB because the current is very very old ( 09:59:59 GMT-06:00 Tue Sep 22 2009 ) When I try to save it manually with the command

anomaly-detection vs0 save MYKB    I get an error that says:  Attack in progress

I need to create a new KB and load it because the Rotate methot is not working since the last KB is very old. I thisk it's not working because there is an attack ALWAYS.

Can I save a load a KB file manually even if there is an attack in progress?

If not, How can I fix my problem

Thanks,

DiegoCR CCSP

1 ACCEPTED SOLUTION

Accepted Solutions
Community Member

Re: Anomaly Detection

Hi Diego

You can fix this by:

  1. Turn the anomaly detection off (operational-mode inactive)
  2. Erase/copy/load the files you need and start the anomaly detection or preferably put the sensor in learning accept mode (operational-mode learn) and wait for 24 hours.

Br

Johan Kellerman

2 REPLIES
Community Member

Re: Anomaly Detection

Hi Diego

You can fix this by:

  1. Turn the anomaly detection off (operational-mode inactive)
  2. Erase/copy/load the files you need and start the anomaly detection or preferably put the sensor in learning accept mode (operational-mode learn) and wait for 24 hours.

Br

Johan Kellerman

Re: Anomaly Detection

Thank you very much. I just release that I'm seeing unidirectional traffic so I will turn AD off.

413
Views
0
Helpful
2
Replies
CreatePlease to create content