Cisco Systems IPS 7.1 Home Security System User Manual


  Open as PDF
of 1042
 
8-11
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 8 Defining Signatures
Configuring Signatures
Step 4 Enter event counter submode.
sensor(config-sig-sig)# event-counter
Step 5 Specify how many times an event must occur before an alert is generated.
sensor(config-sig-sig-eve)# event-count 2
Step 6 Specify the storage type on which you want to count events for this signature.
sensor(config-sig-sig-eve)# event-count-key AxBx
Step 7 (Optional) Enable alert interval.
sensor(config-sig-sig-eve)# specify-alert-interval yes
Step 8 (Optional) Specify the amount of time in seconds before the event count should be reset.
sensor(config-sig-sig-eve-yes)# alert-interval 30
Step 9 Verify the settings.
sensor(config-sig-sig-eve-yes)# exit
sensor(config-sig-sig-eve)# show settings
event-counter
-----------------------------------------------
event-count: 2 default: 1
event-count-key: AxBx default: Axxx
specify-alert-interval
-----------------------------------------------
yes
-----------------------------------------------
alert-interval: 30 default: 60
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
sensor(config-sig-sig-eve)#
Step 10 Exit signatures submode.
sensor(config-sig-sig-eve)# exit
sensor(config-sig-sig)# exit
sensor(config-sig)# exit
Apply Changes:?[yes]:
Step 11 Press Enter to apply the changes or enter no to discard them.
 previous next