Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

real-time notification of VMS

we are using VMSMC for our cisco ids, we are in need to have the real-time notification if the sensors are detecting the defined event, email is preferrable. Do anyone know it in VMS?

6 REPLIES
New Member

Re: real-time notification of VMS

Hi Philip

Monitoring Center for Security has a functionality of notification for attacks.

Login to VMS and launch Security Monitor from the VPN/Security Mgmt Solutions.

From the Security Monitor go to Admin -> Event Rules. Where you can create your own rule and email notification etc., Follow the on-line help provided there.

Regards

Ramesh V

New Member

Re: real-time notification of VMS

Ramesh, thanks for your reply.

But I am getting email list this:

Received severity 5 alert at 2003/04/16 15:39:37

Signature ID 4701:0 from *.*.*.* to *.*.*.*

MSSQL Control Overflow

Can it be most specified? And what is the script from action? where are those scripts, and what kind of script it is?

New Member

Re: real-time notification of VMS

Hi,

The following link may help you.

http://www-tac.cisco.com/~gfullage/SecMonEmail.html

Please let me know if you are not able to go to this link. Also you can use the help pages of Event Rules to know about the scripts.

Regards

Ramesh V

New Member

Re: real-time notification of VMS

Yes, I cannot open this link. Thanks for your help again.

New Member

Re: real-time notification of VMS

There is a on-line help available for Event Rules page, this has got information about the scripts that we can execute.

You can write your own script and execute it at the time of event rule is matched.

All the scripts are found under ~/CSCOpx/MDC/etc/ids/scripts

While writing your own scripts please change the file ownership and permission like default files.

Ramesh V

New Member

Re: real-time notification of VMS

I know vms can send out email notification, can it send a alarm to my cell phone?

By the way, do you have information about okena which cisco brought a while back? is okena the host IDS of vms?

127
Views
3
Helpful
6
Replies