Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

how to integrate IPS LOGS in to SIM ( Symantec Information Manager)

Can any one tell me how to integrate IPS logs in to Symantec Information Manager and the Logs format.

Thanks for your help

-VP

1 REPLY
New Member

Re: how to integrate IPS LOGS in to SIM ( Symantec Information M

Hi

You have to use SDEE to collect events (log entries) from the sensor. I believe that SIM supports SDEE otherwise your are left with SNMP/SNMP traps which is not a good choice for this since you have to tweak signatures. Syslog is unfortunately not an option.

Br

Johan Kellerman

265
Views
0
Helpful
1
Replies