IDS mailing list archives

Reports from Cisco IDS

From: "Pete S." <pschwarz () directvinternet com>
Date: Thu, 5 Dec 2002 17:37:27 -0500

On the network at work, we use a Cisco PIX (which comes with IDS), which
allows me to send a log to another server.  On that server I use something
called Kiwi Syslog Daemon (http://www.kiwisyslog.com/info_syslog.htm).  From
there, I use ReportGen (http://www.reportgen.com/downloads.htm) which turns
into stuff my boss can read.  Not sure if this solution will work with the
Cisco IDS, but should.  I have seen this run on several platforms.  They
have trial versions, to see if it fits your bill.  Also, their prices are
reasonable, if you like it.
Pete.

Hi,

I have a Cisco IDS (switch module) with the HPOV plug-in. I would like to
know how can I get reports from it. Any kind of report, like by source IP,
top signatures...is this possible? If not, how can I get reports from Cisco
IDS?

Thank you,

Peter
sr. security analyst

Current thread:

Reports from Cisco IDS ids-lists (Dec 04)
- <Possible follow-ups>
- RE: Reports from Cisco IDS Dante Mercurio (Dec 05)
- RE: Reports from Cisco IDS Seamus Hartmann (Dec 05)
- Reports from Cisco IDS Pete S. (Dec 08)
- RE: Reports from Cisco IDS Mark L. Evans (Dec 08)
- RE: Reports from Cisco IDS Alan Shimel (Dec 09)