i am using VMS 2.2 to manage 6 IDS. Now I already define a database rules to manage the IDS alarms. i define a rule for prunning a database when it's reach out of thrshold. But still my harddisk is going full. how can a automatically manage the harddisk space to prevent some sapce left.
Please backup the database from under VPN/Sec Mgmt Soln-->Administration-->Common Services-->Backup Database. Please redirect the backup to a different drive other than the VMS install drive. This will clean up the idsmdc.log file.
Next, if the IDSMC/Secmon is version 1.2 and above, please use the IdsDbCompact utility to compact the Sybase database. More information how to use this on this url;
where $NMSROOT is the CiscoWorks installation directory,
-force allows backup regardless of log file size, and -dir specifies the full path of the destination directory.
Note: The target directory must be owned by user casuser and group casusers. The user must have read, write, and execute permissions, and the group must have at least read permission. Otherwise, the program will terminate with an error message and the log files will not be updated.
If you do not specify any options, the script backups up the log files to its default directory, PX_LOGDIR/backup.
2.Verify the procedure was successful by examining the contents of the log files in this location:
Only log files that reach 90% of their size limits are backed up and the original log file is emptied.
I had a similar problem. In the following you find the answer from the TAC. In my case it works.
==================== Answer from TAC ====================
The Security Monitor database is stored in two files that are located in the ~CSCOpx\MDC\Sybase\Db\IDS subdirectory: idsmdc.db and idsmdc.log.
During normal operation, the size of the idsmdc.db file is never reduced. When records are pruned from the database tables, space is made available in the file for additional data, but the file does not become smaller.
If the default pruning rules are in place and pruning is occurring, you do not need to reduce the size of the database files. However, in some situations (as, for example, when the default rules are deleted or if the IDS_dbAdminAnalyzer daemon is stopped), these files may grow large, and you will have to reduce their size. The database compact utility provides this function. You will want to run this utility if the idsmdc.db and idsmdc.log files combined exceed your available resources.
First trying running idspruning with the option do delete the alarms marked for deletion.
Than try to compact the database. Detail description are below. In addition a have put the logging from the try I did in the lab for you below.
Here is a sample to delete all but the last 7 days of events (be aware all data before will be lost):
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :