Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

9-41

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 9 Configuring Anomaly Detection

Working With KB Files

initial 84 14:35:38 CDT Tue Mar 14 2006

2006-Mar-16-10_00_00 84 10:00:00 CDT Thu Mar 16 2006

2006-Mar-17-10_00_00 84 10:00:00 CDT Fri Mar 17 2006

2006-Mar-18-10_00_00 84 10:00:00 CDT Sat Mar 18 2006

2006-Mar-19-10_00_00 84 10:00:00 CDT Sun Mar 19 2006

2006-Mar-20-10_00_00 84 10:00:00 CDT Mon Mar 20 2006

2006-Mar-21-10_00_00 84 10:00:00 CDT Tue Mar 21 2006

2006-Mar-22-10_00_00 84 10:00:00 CDT Wed Mar 22 2006

2006-Mar-23-10_00_00 84 10:00:00 CDT Thu Mar 23 2006

2006-Mar-24-10_00_00 84 10:00:00 CDT Fri Mar 24 2006

2006-Mar-25-10_00_00 84 10:00:00 CDT Sat Mar 25 2006

2006-Mar-26-10_00_00 84 10:00:00 CDT Sun Mar 26 2006

2006-Mar-27-10_00_00 84 10:00:00 CDT Mon Mar 27 2006

2003-Jan-02-10_00_00 84 10:00:00 CDT Thu Jan 02 2003

2003-Jan-03-10_00_00 84 10:00:00 CDT Fri Jan 03 2003

2003-Jan-04-10_00_00 84 10:00:00 CDT Sat Jan 04 2003

2003-Jan-05-10_00_00 84 10:00:00 CDT Sun Jan 05 2003

2003-Jan-06-10_00_00 84 10:00:00 CDT Mon Jan 06 2003

sensor#

Step 3 Display the KB files for a specific virtual sensor.

sensor# show ad-knowledge-base vs0 files

Virtual Sensor vs0

Filename Size Created

initial 84 10:24:58 CDT Tue Mar 14 2006

2006-Mar-16-10_00_00 84 10:00:00 CDT Thu Mar 16 2006

2006-Mar-17-10_00_00 84 10:00:00 CDT Fri Mar 17 2006

2006-Mar-18-10_00_00 84 10:00:00 CDT Sat Mar 18 2006

2006-Mar-19-10_00_00 84 10:00:00 CDT Sun Mar 19 2006

2006-Mar-20-10_00_00 84 10:00:00 CDT Mon Mar 20 2006

Saving and Loading KBs Manually

Use these commands in privileged EXEC mode to manually save and load KBs. The following options

apply:

• show ad-knowledge-base virtual-sensor files—Displays the available KB files per virtual sensor.

• anomaly-detection virtual-sensor load {initial | file name}—Sets the KB file as the current KB for

the specified virtual sensor. If AD is active, the file is loaded as the current KB.

• anomaly-detection virtual-sensor save [new-name]—Retrieves the current KB file and saves it

locally.

Manually Saving and Loading KBs

To manually save and load a KB, follow these steps:

Step 1 Log in to the CLI using an account with administrator privileges.

Step 2 Locate the KB you want to load.

sensor# show ad-knowledge-base vs0 files

Virtual Sensor vs0

Filename Size Created

initial 84 10:24:58 CDT Tue Mar 14 2006

2006-Mar-16-10_00_00 84 10:00:00 CDT Thu Mar 16 2006

2006-Mar-17-10_00_00 84 10:00:00 CDT Fri Mar 17 2006

previous next