For some reason, our CSPM (2.3.3i) DB lost data for the last 5 days that was there the day before... still investigating. I restored the DB from the backup we did 3 days ago, reinstalled the S15 signature update, and uploaded the configs to sensors. In doing so, the sensor logs had all been reset. I was hoping to get the data from the last 3 days... are there any logs on the sensor (4210 w/3.0(3)S15) that would show all of the signatures detected and also would not be affected by config upload? Thanks.
You can FTP them off. They'll be named *.log in /usr/nr/var/new. They could also have been archived (if the /usr/nr/var/new directory became full enough) to /usr/nr/var/dump, and if so will be named NEWLOG.log.*.Z. In either case, the asterisk will be the date/time stamp of the log file as YYYYMMDDHHMM.
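Added example, not part of the original reply: a shell filter that picks out the log files covering a missing window by the YYYYMMDDHHMM stamp in their names, handling both naming forms described above. The function name, the sample listing and its 2003 stamps are constructed for illustration, and the stamp position in each name follows the reply's description.

```shell
#!/bin/sh
# Added example: select sensor log files whose embedded timestamp is in a window.
# Naming assumed from the reply: <stamp>.log in /usr/nr/var/new and
# NEWLOG.log.<stamp>.Z in /usr/nr/var/dump, where <stamp> = YYYYMMDDHHMM.

# select_logs FROM TO
# Reads file names on stdin; prints those with FROM <= stamp <= TO.
# FROM and TO are 12-digit YYYYMMDDHHMM strings, so string order == time order.
select_logs() {
    awk -v from="$1" -v to="$2" '
    {
        name = $0
        sub(/.*\//, "", name)                 # drop any directory part
        stamp = ""
        if (name ~ /^[0-9]+\.log$/) {         # live log: <stamp>.log
            stamp = name
            sub(/\.log$/, "", stamp)
        } else if (name ~ /^NEWLOG\.log\.[0-9]+\.Z$/) {   # archived, compressed
            stamp = name
            sub(/^NEWLOG\.log\./, "", stamp)
            sub(/\.Z$/, "", stamp)
        }
        if (length(stamp) != 12) next         # not a log name, or malformed stamp
        # Appending "" forces a string comparison in every awk implementation.
        if ((stamp "") >= (from "") && (stamp "") <= (to "")) print $0
    }'
}

# Constructed listing standing in for `ls` output of the two directories.
sample_listing() {
    cat <<'EOF'
/usr/nr/var/new/200303111530.log
/usr/nr/var/new/200303081200.log
/usr/nr/var/dump/NEWLOG.log.200303100815.Z
/usr/nr/var/dump/NEWLOG.log.200303051000.Z
/usr/nr/var/new/notes.txt
EOF
}

# Files covering 10 March 00:00 through 12 March 23:59 (constructed window).
sample_listing | select_logs 200303100000 200303122359
```

The archived .Z files are compress(1) output, so they need `uncompress` or `zcat` before they can be read.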