Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

16-18

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 16 Working With Configuration Files

Filtering the Current Submode Configuration Output

host-ip 192.0.2.0/24,192.0.2.17

engine atomic-ip

Filtering the Current Submode Configuration Output

Use the show settings | [begin | exclude | include] regular_expression command in the submode you

are interested in to search or filter the output of the contents of the submode configuration. The following

options apply:

• |—The pipe symbol indicates that an output processing specification follows.

• begin—Begins unfiltered output of the show settings command with the first line that contains the

regular expression specified.

• exclude—Excludes lines in the output of the show settings command that contain a particular

regular expression.

• include—Includes only the lines in the output of the show settings command that contain the

regular expression you specify.

• regular_expression—Specifies any regular expression found in the show settings command output.

Note The regular_expression option is case sensitive and allows for complex matching

requirements.

Filtering the Submode Output

To search or filter the output of the contents of the submode configuration, follow these steps:

Step 1 Log in to the CLI using an account with administrator privileges.

Step 2 Search the output of the event action rules settings for the regular expression, “filters,” for example.

sensor# configure terminal

sensor(config)# service event-action-rules

sensor(config-rul)# show settings | begin filters

filters (min: 0, max: 4096, current: 0 - 0 active, 0 inactive)

-----------------------------------------------

general

-----------------------------------------------

global-overrides-status: Enabled <defaulted>

global-filters-status: Enabled <defaulted>

global-summarization-status: Enabled <defaulted>

global-metaevent-status: Enabled <defaulted>

global-deny-timeout: 3600 <defaulted>

global-block-timeout: 15 default: 30

max-denied-attackers: 10000 <defaulted>

-----------------------------------------------

target-value (min: 0, max: 5, current: 0)

-----------------------------------------------

-----------------------------------------------

sensor(config-rul)#

Step 3 Filter the output of the network access settings to exclude the regular expression.

sensor# configure terminal

sensor(config)# service network-access

previous next