From: Christopher M. Heffner (cheffner@certified-labs.com)
Date: Tue Sep 28 2004 - 14:59:25 GMT-3
The answer is no.
Cisco IDS 4.x support the Remote Data Exchange Protocol (RDEP) using
HTTPS over TCP for secure communications.
The only syslog support is in the Security Monitor (Events Database) for
VMS which allows you to send your router and pix ids auditing alarms to
the SecMon database.
SecMon will support PostOffice (UDP 45000), RDEP, Syslog and CSA events
in the single database.
Hope this helps,
Christopher M. Heffner, CCIE, CCSI
Strategic Network Solutions, Inc.
www.certified-labs.com
"Complete CCIE R&S and Security Remote Labs including PIX, VPN 3005, IDS
42xx, CiscoWorks 2000 VMS Server, Cisco CSACS 3.2 and Microsoft CA
Server"
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Dennis E. Bates
Sent: Monday, September 27, 2004 1:44 PM
To: ccielab@groupstudy.com
Cc: security@groupstudy.com
Subject: 42XX IDS logging to syslog
I think I saw a question about this topic earlier. I could not find a
response in the archives.
Is it possible to send alerts from a 42XX IDS appliance to a syslog
server ?
Has anyone of this forum ever done this or can point to revelent
material to accomplish this?
Thanks,
Dennis
This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:50 GMT-3