Using The Event Log To Find Intrusion Alerts; Web: Checking For Intrusions, Listing Intrusion Alerts, And - HP procurve switch 2600 series Access Security Manual
Hide thumbs
Also See for procurve switch 2600 series:
- Installation and getting started manual (116 pages) ,
- Manual (300 pages) ,
- Management and configuration manual (547 pages)
Table of Contents
Advertisement
Configuring and Monitoring Port Security
Reading Intrusion Alerts and Resetting Alert Flags
Log Listing with
Security Violation
Detected
Log Listing with No
Security Violation
Detected
Figure 8-15. Example of Log Listing With and Without Detected Security Violations
8-24
Using the Event Log To Find Intrusion Alerts
The Event Log lists port security intrusions as:
W MM/DD/YY HH:MM:SS FFI: port A3 - Security Violation
where "
W
" is the severity level of the log entry and
that generated the entry. For further information, display the Intrusion Log,
as shown below.
From the CLI. Type the log command from the Manager or Configuration
level.
Syntax:
log [search-text ]
For search-text , you can use ffi, security, or violation. For example:
From the Menu Interface: In the Main Menu, click on
Next page and Prev page to review the Event Log contents.
For More Event Log Information. See "Using the Event Log To Identify
Problem Sources" in the "Troubleshooting" chapter of the Management and
Configuration Guide for your switch.
Web: Checking for Intrusions, Listing Intrusion Alerts,
and Resetting Alert Flags
1.
Check the Alert Log by clicking on the Status tab and the
If there is a "Security Violation" entry, do the following:
FFI
is the system module
Log Command with "security"
for Search String
and use
4. Event Log
button.
[Overview]
Advertisement
Table of Contents
