How are iplogs viewed? If I go to the sensor and look at the iplogs file I cant make heads or tails of it. Is there some documentation somewhere that explains anything about iplogging?
I made a test string and enabled ip logging on it. I let it run a few days and had multiple hits. I went to the /usr/cids/idsRoot/var/iplogs directory and saw a lot of equal sized files all labelled with a number. Im not sure how to view these files, they seem to be binary or something.
On the Netranger systems you could just go to a menu item "show ip logging", and it would open it up for you using ethereal or whatever program you wanted to use. It also correlated the iplogs so you could see ip addresses. To see iplogs what you are saying is that I have to go to the sensor and correlate some randomly numbered file with another file? The index or directory?
The latest released versions of Security Monitor does not support the "show ip log" menu option that was in the Unix Director.
NOTE: Security Monitor is the alarm viewer utility inside of VMS (Cisco Works VPN and Security Management Solution)
An enhancement request has been made for adding this to Security Monitor. It would result in a "show ip log" or similar menu option which would automatically download the associated IP Log file and either start ethereal (user may need to have separately loaded ethereal), or decode with an ascii representation.
Until then you will need to correlate the source address and time of the alarm with the iplog files.
Copy the IP Log file off the sensor yourself and open them with ethereal.
What a major pain in the butt that will be for our operators. I sure hope they put that change in soon, or we will probably just can iplogging. Does Cisco expect all of the operators to be administrators too? If so why did they give us 7 different levels of permissions? Why not make one level permission - Everything/God. Sorry to be so cynical but Ive been scratching my head over functions like this one for months now, and I havent seen musch progress, just the same ol problems. Bummer.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :