Logging; Enabling Debug Logging - Cisco IPS 7.1 Installation Manual

Intrusion prevention system appliance and module

Appendix E: Troubleshooting
Troubleshooting the Appliance

ShunEnable = true
ShunnedAddr
   Host
      IP = 10.16.0.0
      ShunMinutes = 60
      MinutesRemaining = 59

Step 9
If the remote master blocking sensor is using TLS for web access, make sure the forwarding sensor is configured as a TLS host.
sensor# configure terminal
sensor(config)# tls trust ip master_blocking_sensor_ip_address

For More Information
For the procedure to configure the sensor to be a master blocking sensor, refer to Configuring the Sensor to be a Master Blocking Sensor.

Logging

TAC may suggest that you turn on debug logging for troubleshooting purposes. Logger controls what log messages are generated by each application by controlling the logging severity for different logging zones. By default, debug logging is not turned on. If you enable individual zone control, each zone uses the level of logging that it is configured for. Otherwise, the same logging level is used for all zones. This section contains the following topics:

Enabling Debug Logging
Zone Names
Directing cidLog Messages to SysLog

Enabling Debug Logging

Caution
Enabling debug logging seriously affects performance and should only be done when instructed by TAC.

To enable debug logging, follow these steps:
Step 1
Log in to the service account.
Step 2
Edit the log.conf file to increase the size of the log to accommodate the additional log statements.
vi /usr/cids/idsRoot/etc/log.conf
Step 3
Change fileMaxSizeInK=500 to fileMaxSizeInK=5000.
Step 4
Locate the zone and CID section of the file and set the severity to debug.
severity=debug
Step 5
Save the file, exit the vi editor, and exit the service account.
Step 6
Log in to the CLI as administrator.

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1, OL-24002-01
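Because debug logging seriously affects performance, it is worth confirming after a troubleshooting session that log.conf no longer carries the settings from Steps 3 and 4. The following is an added example, not part of the Cisco guide: the helper name audit_log_conf is hypothetical, the file is assumed to use "[section]" headers with "key=value" lines, and the sample section names are constructed.

```shell
#!/bin/sh
# audit_log_conf FILE [BASELINE_K]   (hypothetical helper, not a Cisco tool)
# Assumes log.conf holds "[section]" headers and "key=value" lines.
# Prints one finding per line; returns 1 if any finding, 0 if clean.
audit_log_conf() {
    awk -v base="${2:-500}" '
    {
        line = $0
        gsub(/[ \t\r]/, "", line)                  # tolerate spacing and CRLF
        if (line == "" || line ~ /^[#;]/) next     # blank or comment line
        if (line ~ /^\[/) { section = line; next } # remember current section
        eq = index(line, "=")
        if (eq == 0) next
        key = tolower(substr(line, 1, eq - 1))
        val = tolower(substr(line, eq + 1))
        if (key == "severity" && val == "debug") {
            print "DEBUG " (section == "" ? "(no section)" : section)
            bad = 1
        } else if (key == "filemaxsizeink" && val + 0 > base + 0) {
            print "LOGSIZE " val " (baseline " base ")"
            bad = 1
        }
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample; the section names are illustrative only.
sample=$(mktemp)
cat > "$sample" <<'EOF'
fileMaxSizeInK=5000

[zone/Cid]
severity=debug

[zone/Example]
severity=warning
EOF
audit_log_conf "$sample" || echo "log.conf still carries troubleshooting settings"
rm -f "$sample"
```

The default baseline of 500 is the pre-change fileMaxSizeInK value shown in Step 3; pass a second argument if the sensor's normal value differs.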
