Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to monitor the IDSM engine?

Greetings

I've been trying to solve this since I got my IDSMs a year ago. How can I be notified when the IDSM monitor engine crashes, as it does a few times a month.

I've tried to set up various 3rd party tools to monitor SNMP and/or ping availability but none of these can give any accurate indication of a failure.

Any suggestions?

Regards

Fredrik

1 REPLY
Gold

Re: How to monitor the IDSM engine?

This is a common problem with all sensors. Unfortunately there are several failues that a sensor can experience. To test all aspects of a sensor, create a custom signature tha twill fire on any traffic with a summary (so you only get an alert every X min). Then feed this event (SDEE or Syslog) into a system that looks for the absence of the event.

We call it a heartbeat sig. Cisco borrowed the idea and was going to put it into 6.0 as a standard signature, but for some reason abdoned the feature.

142
Views
4
Helpful
1
Replies