Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Capturing traffic...

Can someone walk me through the process needed to build a signature or modify an existing signature to capture certain traffic? I am interesting in being able to view the contents of traffic triggering Instant Messaging and IRC related signatures, so either a method for capuring traffic triggered by the existing signatures, or creating a signature to capture any traffic on 5190 or 6667 for example, would be sufficient.

This is a VMS server version 2.2 monitoring IDS 4.x sensors....

thanks.

141
Views
0
Helpful
0
Replies
CreatePlease to create content