Is anyone out there populating an external database with IDSM logs? I would like to somehow populate a PostgreSQL database in as close to real-time as possible. Anyone doing anything like this? Is it even possible? Any information would be greatly appreciated.
The characters you are seeing are the hexadecimal values for the characters in the Context Buffer.
The Context Buffer contains returns, backspaces, and other characters which would cause problems in a comma delimited file. So each character is converted to it's hexadecimal equivelant. It is up to the user then to convert the hexadecimal values back to their ascii equivelants when they want to view the Context Buffer.
(CSPM and Unix Director do this automatically when you view the Context Buffer, but won't write it out like that to a comma delimited file)
How to convert:
Take 2 characters at a time and look up the corresponding value in Hexadecimal to Ascii Character table.
There is also a special "ZZ" character that you will not find in the table. This "ZZ" is just a seperator. There are actually 2 Context Buffers in that field. One for characters from the Source, and one for characters from the Destination. The "ZZ" separates these 2 Context Buffers.
You can find the Hexadecimal to Ascii Character table by executing "man ascii" on a Unix box or searching the web.
I've attached the table from the "man ascii" command I executed on one of my boxes:
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :