Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
485
Views
0
Helpful
2
Replies

real time ? and IDSM 2.5.1 and report of events

p.emery
Level 1
Level 1

‎10-30-2001 09:47 AM - edited ‎03-08-2019 09:00 PM

hi

i have a powerfull server 2 penhtium with 512 ram

i have installed CSPM2.3.2 and i will make a demo for a customer and i monito a pc which is under attack but all events are coming like 2-3 minutes after have been don why `?

is it a mistake from me ?

thanks to help me

best regards

philippe

Labels:
0 Helpful
2 Replies 2

k.poplitz
Level 3
Level 3

‎11-05-2001 06:50 AM

It sounds like you meet minimum system requirements. You should talk to Cisco.

0 Helpful

marcabal
Cisco Employee
Cisco Employee
In response to k.poplitz

‎11-05-2001 09:07 AM

I believe there may be a timer you can set for how often the viewer queries the database for events. Check the CSPM alarm viewer menu options.

Another thing to check:

Use CSPM to enable logging of the alarms on the sensor itself.

Then generate the alarm.

Wait a few seconds and check the alarm log file on the sensor

(If using IDSM use the "show event current" command under "diag" mode)

If the alarm is in the sensor log, but takes awhile to show on CSPM then it is likely a CSPM issue, but if it takes a few minutes to show up in the sensor log file then it is a sensor issue.

0 Helpful
Customers Also Viewed These Support Documents