Table of Contents
Advertisement
Chapter 10
Configuring the Sensor Using the CLI
The show events command displays the requested event types beginning at the
requested start time. If no start time is entered, the selected events are displayed
beginning at the current time. If no event types are entered, all events are
displayed. Events are displayed as a live feed. You can cancel the live feed by
pressing Ctrl-C.
Note
The show events command waits until a specified event is available. It continues
to wait and display events until you exit by pressing the Ctrl-C.
To display and clear events, follow these steps:
Log in to the CLI.
Step 1
Step 2
Display new events:
sensor# show events
Use the regular expression | include shunInfo to view the shun information,
including source address, for the event.
New events are displayed as they occur.
Step 3
Display events from a specific time:
sensor# show events
For example, show events 14:00 September 2 2002 displays all events since 2:00
p.m. September 2, 2002.
Note
Events from the specified time are displayed.
Display events since a specified time for a specified alert level:
Step 4
sensor# show events alert
For example, show events alert high 10:00 September 22 2002 displays all high
severity events since 10:00 a.m. September 22, 2002.
Events from the specified time are displayed.
Step 5
Show events that began in the past:
Cisco Intrusion Detection System Appliance and Module Installation and Configuration Guide Version 4.1
78-15597-02
hh:mm month day year
Time is specified in 24-hour format. You can use single digit numbers for
the date.
level hh:mm month day year
Sensor Administrative Tasks
10-29
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor and is the answer not in the manual?
Questions and answers