From: Andres Riancho (andres.rianchogmail.com)
Date: Thu Aug 18 2005 - 15:30:29 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ray,

    Not sure if this is what you need , but the appliance will generate
a "Network_Silence" event (viewable in SP) when it stops seeing traffic
for a long time. Try setting the advanced parameter value of the
Network_Silence to something that suits you.

Cheers,

Cotten, Ray wrote:

>Does anyone know of a way to alert on the status of a G200 if it has not
>collected any events in XX min/hours?
>
>I have a ping utility that will tell me up/down status but what if
>someone messes up the span port, etc...?
>
>My only thought is writing a script and putting it in cron to check
>Logs. Anyone know what logs I would check to make sure events are
>coming? I'm not sure that they are even written to a file on the sensor
>but rather goto the EC...
>
>Thank you,
>
>Ray
>
>Ray.cottenroche.com
>
>
>_______________________________________________
>ISSForum mailing list
>ISSForumiss.net
>
>TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum
>
>To contact the ISSForum Moderator, send email to mod-issforumiss.net
>
>The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
>
>

--
Andrés Riancho

http://www.securearg.net/
 Secure from the Source

_______________________________________________
ISSForum mailing list
ISSForumiss.net

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum

To contact the ISSForum Moderator, send email to mod-issforumiss.net

The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]