[c-nsp] Monitoring ASA with SSM-20 IPS/IDS Module

David Farrell dfarrell at tibus.com
Thu Jun 7 02:33:11 EDT 2012


On 07/06/2012 04:08, Joseph Hardeman wrote:
> I have been searching and hope that someone can help me out.  I would like
> to monitor the SSM-20 module and threats detected via SNMP.  I have found
> where people are doing this, but I am not able to find a script to help me
> out.
Hi Joe,

I don't have any scripts to hand but in the past I fed the traps into 
snmptrapd/SNMPTT and generated email alerts and log files for analysis 
from this. I think I also used SWATCH or SEC for event correlation/log 
filtering. I need to repeat this work but it's not on my work plan until 
September this year. I'd be able to tell you better after that. 
Hopefully this is a pointer in the right direction though.

Cheers,

David.

-- 
DAVID FARRELL
IP Engineer
Tibus
Hosting&  Connectivity

Follow us on Twitter: http://twitter.com/tibus

T: +44 (0)28 9033 1122
F: +44 (0)28 9042 4709
E: dfarrell at tibus.com
W: www.tibus.com | www.tibushost.com | www.tibusconnect.com

Tibus is a trading name of The Internet Business Ltd, a company limited by share capital and registered in Northern Ireland, NI31235. It is a part of UTV Media Plc.

This e-mail and any attachment may contain confidential and privileged information for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorised to receive for the recipient), please contact the sender by reply e-mail and delete all copies of this message.



More information about the cisco-nsp mailing list