A-10
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Appendix A System Architecture
MainApp
• Time (UTC and local time)
• Signature name
• Signature ID
• Subsignature ID
• Participant information
• Alarm traits
The NotificationApp sends the following information from the evAlert event in detail mode:
• Originator information
• Event ID
• Event severity
• Time (UTC and local time)
• Signature name
• Signature ID
• Subsignature ID
• Version
• Summary
• Interface group
• VLAN
• Participant information
• Actions
• Alarm traits
• Signature
• IP log IDs
The NotificationApp determines which evError events to send as a trap according to the filter that you
define. You can filter based on error severity (error, fatal, and warning). The NotificationApp sends the
following information from the evError event:
• Originator information
• Event ID
• Event severity
• Time (UTC and local time)
• Error message
The NotificationApp supports GETs for the following general health and system information from the
sensor:
• Packet loss
• Packet denies
• Alarms generated
• Fragments in FRP
• Datagrams in FRP