Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

9-44

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 9 Configuring Anomaly Detection

Working With KB Files

Warning: Executing this command will delete all virtual sensor 'vs0' knowledge bases

except the file loaded as current and the initial knowledge base.

Continue with erase? [yes]: yes

sensor#

Step 7 Remove all KB files except the file loaded as current and the initial KB file from all virtual sensors.

sensor# erase ad-knowledge-base

Warning: Executing this command will delete all virtual sensor knowledge bases except the

file loaded as current and the initial knowledge base.

Continue with erase? [yes]: yes

sensor#

For More Information

• For the procedure for creating a new KB using the load command, see Saving and Loading KBs

Manually, page 9-41.

• For the procedure for adding hosts to the SSH known hosts list, see Adding Hosts to the SSH Known

Hosts List, page 4-45.

• For the procedure for adding TLS trusted hosts, see Adding TLS Trusted Hosts, page 4-51.

Displaying the Differences Between Two KBs

Use the show ad-knowledge-base virtual-sensor diff {current | initial | file name1}{current | initial |

file name2} [diff-percentage] command in privileged EXEC mode to display the differences between

two KBs. The following options apply:

• virtual-sensor—Specifies the name of the virtual sensor that contains the KB files you want to

compare.

• name1—Specifies the name of the first existing KB file to compare.

• name2—Specifies the name of the second existing KB file to compare.

• current—Specifies the currently loaded KB.

• initial—Specifies the initial KB.

• file—Specifies the name of an existing KB file.

• diff-percentage—(Optional) Displays the services where the thresholds differ more than the

specified percentage. The valid values are 1 to 100. The default is 10%.

Comparing Two KBs

To compare two KBs, follow these steps:

Step 1 Log in to the CLI.

Step 2 Locate the file you want to compare.

sensor# show ad-knowledge-base vs0 files

Virtual Sensor vs0

Filename Size Created

initial 84 04:27:07 CDT Wed Jan 29 2003

* 2006-Jun-28-10_00_01 84 04:27:07 CDT Thu Jun 29 2006

sensor#

previous next