Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Installation And Configuration Manual page 248

Intrusion detection system appliance and module

Cisco Intrusion Detection System Appliance and Module Installation and Configuration Guide Version 4.1
Chapter 10: Configuring the Sensor Using the CLI
Sensor Configuration Tasks
78-15597-02, page 10-52

minutes—Duration the logging should be active, in minutes (0-60). The default is 10 minutes.
numPackets—Maximum number of packets to log (0-4294967295). The default is 1000 packets.
numBytes—Maximum number of bytes to log (0-4294967295).

Note
These parameters are optional; you do not have to specify all three. However, if you include more than one parameter, the sensor continues logging only until the first threshold is reached. For example, if you set the duration to 5 minutes and the number of packets to 1000, the sensor stops logging after the 1000th packet is captured, even if only 2 minutes have passed.

Example:
sensor# iplog 0 10.16.0.0 duration 5
Logging started for group 0, IP address 10.16.0.0, Log ID 137857506
Warning: IP Logging will affect system performance.

The example shows the sensor logging all IP packets for 5 minutes to and from the IP address 10.16.0.0.

Note
Make note of the Log ID for future reference.

Step 3
Monitor the IP log status by executing the iplog-status command:

sensor# iplog-status
Log ID:            137857506
IP Address:        10.16.0.0
Group:             0
Status:            added
Bytes Captured:    0
Packets Captured:  0

Log ID:            137857512
IP Address:        10.16.0.0
Group:             0
Status:            completed
Start Time:        1070363599443768000
End Time:          1070363892909384000
Bytes Captured:    30650
Packets Captured:  263

Log ID:            137857513
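
Added example, not part of the Cisco guide: a Python parser for the iplog-status output above that splits it into per-log records, converts Start Time and End Time to UTC, and computes how long each capture ran. It assumes the timestamps are nanoseconds since the Unix epoch (an interpretation that fits the 5-minute example); the function names are hypothetical and the sample text is retyped from this page.

```python
from datetime import datetime, timezone

# Sample retyped from this page; the third record is cut off at the page break.
SAMPLE = """\
sensor# iplog-status
Log ID: 137857506
IP Address: 10.16.0.0
Group: 0
Status: added
Bytes Captured: 0
Packets Captured: 0
Log ID: 137857512
IP Address: 10.16.0.0
Group: 0
Status: completed
Start Time: 1070363599443768000
End Time: 1070363892909384000
Bytes Captured: 30650
Packets Captured: 263
Log ID: 137857513
"""

def parse_iplog_status(text):
    """Return one dict per IP log; each 'Log ID' line starts a new record."""
    records = []
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep or not value.strip():
            continue  # prompt line, blank line, or a label with no value
        key, value = key.strip(), value.strip()
        if key == "Log ID":
            records.append({})
        if records:
            records[-1][key] = value
    return records

def ns_to_utc(ns):
    """Assumption: the sensor reports nanoseconds since the Unix epoch."""
    return datetime.fromtimestamp(int(ns) // 10**9, tz=timezone.utc)

def capture_seconds(record):
    """Elapsed capture time in seconds, or None if start/end are not reported yet."""
    if "Start Time" not in record or "End Time" not in record:
        return None
    return (int(record["End Time"]) - int(record["Start Time"])) / 1e9

if __name__ == "__main__":
    for rec in parse_iplog_status(SAMPLE):
        print(rec["Log ID"], rec.get("Status", "?"), capture_seconds(rec))
```

Under the nanosecond assumption, log 137857512 ran for about 293 seconds, just under the 5-minute duration requested in the example command.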
