Filter
Top Products
9-42
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 9 Configuring Anomaly Detection
Working With KB Files
2006-Mar-18-10_00_00 84 10:00:00 CDT Sat Mar 18 2006
2006-Mar-19-10_00_00 84 10:00:00 CDT Sun Mar 19 2006
2006-Mar-20-10_00_00 84 10:00:00 CDT Mon Mar 20 2006
Step 3 Load the KB file as the current KB file for a specific virtual sensor.
sensor# anomaly-detection vs0 load file 2006-Mar-16-10_00_00
sensor#
Step 4 Save the current KB file and store it as a new name.
sensor# anomaly-detection vs0 save my-KB
sensor#
Note An error is generated if anomaly detection is not active when you enter this command. You
cannot overwrite the initial file.
Copying, Renaming, and Erasing KBs
Use these commands in privileged EXEC mode to manually copy, rename, and erase KB files. The
following options apply:
• copy ad-knowledge-base virtual-sensor {current | initial | file name} destination-url—Copies the
KB file (current, initial, or the file name you enter) to a specified destination URL.
Note Copying a file to a name that already exists overwrites it.
• copy ad-knowledge-base virtual-sensor source-url new-name—Copies a KB with a new file name
to the source URL you specify.
Note You cannot use the current keyword as a new-name. A new current KB file is created with
the load command.
• rename ad-knowledge-base virtual-sensor {current | file name} new-name—Renames an existing
KB file.
• erase ad-knowledge-base [virtual-sensor [name]]—Removes all KB files from a virtual sensor, or
just one KB file if you use the name option.
You cannot erase the initial KB file or the KB file loaded as the current KB.The exact format of the
source and destination URLs varies according to the file. Here are the valid types:
• ftp:—Source URL for an FTP network server. The syntax for this prefix is:
ftp://[[username@]location][/relativeDirectory]/filename
ftp://[[username@]location][//absoluteDirectory]/filename
Note You are prompted for a password.