Logging; Understanding Debug Logging - Cisco IPS-4255-K9 - Intrusion Protection Sys 4255 Installation Manual

Troubleshooting the Appliance
ShunnedAddr
Log in to the CLI of the master blocking sensor host, and using the show statistics network-access
Step 8
command, verify that the block also shows up in the master blocking sensor ARC statistics.
sensor# show statistics network-access
Current Configuration
AllowSensorShun = false
ShunMaxEntries = 250
MasterBlockingSensor
State
ShunEnable = true
ShunnedAddr
If the remote master blocking sensor is using TLS for web access, make sure the forwarding sensor is
Step 9
configured as a TLS host.
sensor# configure terminal
sensor(config)# tls trust ip master_blocking_sensor_ip_address
For More Information
For the procedure to configure the sensor to be a master blocking sensor, refer to
to be a Master Blocking

Logging

This section describes debug logging, and contains the following topics:
•
•
•
•

Understanding Debug Logging

TAC may suggest that you turn on debug logging for troubleshooting purposes. Logger controls what
log messages are generated by each application by controlling the logging severity for different logging
zones. By default, debug logging is not turned on.
If you enable individual zone control, each zone uses the level of logging that it is configured for.
Otherwise, the same logging level is used for all zones.
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0
A-46
Host
IP = 10.16.0.0
ShunMinutes =
SensorIp = 10.89.149.46
SensorPort = 443
UseTls = 1
Host
IP = 10.16.0.0
ShunMinutes = 60
MinutesRemaining = 59
Sensor.
Understanding Debug Logging, page A-46
Enabling Debug Logging, page A-47
Zone Names, page A-50
Directing cidLog Messages to SysLog, page A-51
Chapter A Troubleshooting
Configuring the Sensor
OL-18504-01