1.In the Unix Director User Guide, it tells me how to send logfile to a FTPServer. I don'nt know the logfile is an alarm log file or an iplog file? Can Sensor send alarm logfiles to a FTPServer?
2.Although I did as the User Guide told but I could'nt get any logfile in the FTPServer. Under "the condition type", I chose "Number of Files" and I set its value 1. Doing as this, I don'nt know when the Sensor will send the logfiles to FTPServer? Is it right when I say that Sensor will send logfiles when there is only one new logfile in the directory /usr/nr/var/new.
1. The sensor can only be configured to ftp the alarm log files. It can not be configured to ftp the iplog files.
2. The sensor (the sapd daemon) will monitor the /usr/nr/var/new directory (it checks about once every 30 seconds or so). As soon as it sees one or more log files in that directory it will ftp the oldest log file off to the ftp server. So if there is more than one log file it will ftp the oldest.
How to check if the ftp functionality is working:
a) Check the errors.sapd file in /usr/nr/var for any possible errors.
b) Check the different messages.* files in /usr/nr/var for any possible errors.
c) Execute nrget 10007 [hostid] [orgid] 1 FileMgmt
Where hostid is the sensor's numerical hostid.
Where orgid is the sensor's numerical orgid.
Example: nrget 10007 10 100 1 FileMgmt
Check to see if the trigger for the ftp is being executed and if an error count is shown for the trigger.
d) Login as root and execute "snoop -d [interface] [sensorip] [ftpserverip]"
Where interface is the command and control interface of the sensor
sensorip is the sensor's command control ip address
ftpserverip is the ftp server's ip address.
Example: snoop -d iprb0 10.1.1.1 10.3.4.5
Look to see if the ftp may be failing because of a bad password or any other possible error.
Occasionally you may see the ftp connection just stop. In this case the sensor may not have received the response it was expecting. The sensor will work with most standard ftp servers, but there are a few (mostly freeware ftp servers) which the sensor will not work with. These ftp servers respond in a way that the sensor can not understand.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :