Filter
Top Products
9-40
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 9 Configuring Anomaly Detection
Working With KB Files
start-time: 12:00:00 default: 10:00:00
interval: 24 hours default: 24
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
Step 7 Exit anomaly detection submode.
sensor(config-ano-aut)# exit
sensor(config-ano)# exit
Apply Changes:?[yes]:
Step 8 Press Enter to apply your changes or enter no to discard them.
For More Information
For the procedures for saving and loading anomaly detection KBs manually, see Saving and Loading
KBs Manually, page 9-41.
Working With KB Files
This section describes how to display, load, save, copy, rename and delete KB files. It also provides the
procedures for comparing two KB files and for displaying the thresholds of a KB file. It contains the
following topics:
• Displaying KB Files, page 9-40
• Saving and Loading KBs Manually, page 9-41
• Copying, Renaming, and Erasing KBs, page 9-42
• Displaying the Differences Between Two KBs, page 9-44
• Displaying the Thresholds for a KB, page 9-45
Displaying KB Files
Use the show ad-knowledge-base [virtual-sensor] files command in privileged EXEC mode to display
the available KB files for a virtual sensor.
Note The * before the file name indicates that this KB file is the currently loaded KB file.
To display KB files, follow these steps:
Step 1 Log in to the CLI.
Step 2 Display the KB files for all virtual sensors.
sensor# show ad-knowledge-base files
Virtual Sensor vs0
Filename Size Created
initial 84 04:27:07 CDT Wed Jan 29 2003
* 2003-Jan-28-10_00_01 84 04:27:07 CDT Wed Jan 29 2003
Virtual Sensor vs1
Filename Size Created