Using The Event Log To Find Intrusion Alerts - HP 3500yl Series Access Security Manual
Switch software
Hide thumbs
Also See for 3500yl Series:
- Release notes (219 pages) ,
- Specifications (16 pages) ,
- Features (6 pages)
Table of Contents
Advertisement
HP Switch(config)# show interfaces brief
Status and Counters - Port Status
Port
Type
----- --------- + --------- ------- ------ ---------- ---- ---- -----
1
10/100TX
2
10/100TX
3
10/100TX
Figure 14-23.Example of Port Status Screen After Alert Flags Reset
| Intrusion
| Alert
Enabled Status Mode
| No
Yes
| No
Yes
| No
Yes
For more on clearing intrusions, see "Note on Send-Disable Operation" on
page 14-37.
Using the Event Log To Find Intrusion Alerts
The Event Log lists port security intrusions as:
W MM/DD/YY HH:MM:SS FFI: port A3 — Security Violation
where "
" is the severity level of the log entry and
W
that generated the entry. For further information, display the Intrusion Log,
as shown below.
From the CLI. Type the log command from the Manager or Configuration
level.
Syntax:
log < search-text >
For < search-text >, you can use ffi, security, or violation. For example:
Configuring and Monitoring Port Security
Reading Intrusion Alerts and Resetting Alert Flags
Intrusion Alert on port A1 is now
cleared.
Up
100FDx
Down
10FDx
Down
10FDx
MDI
Flow Bcast
Mode Ctrl Limit
MDI
off
0
MDI
off
0
MDIX off
0
is the system module
FFI
14-41
Hide quick links:
Advertisement
Chapters
Table of Contents
