I cannot get one of my sensors to IGNORE any form of traffic tripping signature 3030. I have tried individual hosts for filtering, entire networks, and finally the entire sig. Here is the entry in my SigSettings.conf:
RecordOfExcludedPattern 3030 * * *
Am I missing something here? Why am I still seeing alarms???
What version of the sensor SW are you running? There are known problems in the 3.0(2) and 3.0(1) code with Exclusions and sweeps. These have all been corrected in 3.0(3). If you are running 3.0(3) and are still experiencing difficulties then we need to talk off-line so that we can get to the root of the problem. You can e-mail me direct at firstname.lastname@example.org.
I was running 3.0(2), upgraded to current and everything is working well. Probably should have tried that from the start, but it did not exhibit this behavior immediately after my initial upgrade (from 2.x to 3.x), seemed odd -- thanks for the help.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...