Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
434
Views
0
Helpful
3
Replies

IDSM troubleshooting

aksher
Level 1
Level 1

‎08-13-2008 07:50 AM - edited ‎03-10-2019 04:14 AM

How to diagnose whether the IDSM is monitoring traffic. What are the steps.

Labels:
0 Helpful
3 Replies 3

rhermes
Level 7
Level 7

‎08-13-2008 09:13 AM

Check that the IDSM-2 is getting traffic. On the CLI do a "show interface"

Check if the traffic is getting to the analysis engine with a "show stat anal"

(if you're not seeing your taffic in the analysis engine, you forgot to add the interface to the virtual sensor)

Then turn on sig 2004 (ICMP echo reply) and run a few pings past the sensor to see if you are getting sigs to fire.

0 Helpful

aksher
Level 1
Level 1
In response to rhermes

‎08-13-2008 07:29 PM

Both the above coands are working fine. How ever I am not geting any alerts on the event viewer.Pls help on this.

0 Helpful

Farrukh Haroon
VIP Alumni
VIP Alumni
In response to aksher

‎08-14-2008 12:56 AM

Can you post the "show config" of the IDSM and "show run | inc intrusion" of the core switch?

Regards

Farrukh

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card