About IPS5500-1000
Attack Mitigator™ IPS5500-1000: Advanced Network Intrusion Prevention System incorporating 3DP protection, bundled with "Network Security Analyzer" reporting and event management software for Windows. 4 Gig and 4 Fast Ethernet Attached, 2000 Mbps Rated.
IPS Log Analysis
Reports of IPS Logs
LogQuest VF can verify and analyze IPS logs and generate reports from them. You need to collect the IPS logs and then verify them in LogQuest VF.
Report based on the file: /IPS/TopLayer_Syslogd-debug.txt
Pre-defined Log Format: Group_IPS2/IPS
Date report was created: 7th November 2007
a) Report Conditions are:
Condition(1)=Data: 05-07-2004, Column: Col1_Date, Logic: Contain, Rule: Count, Mode: Single
Condition(2)=Data: , Column: Col2_Time_a, Logic: Contain, Rule: Total Sum, Mode: Single
Condition(3)=Data: 192.168.10.254, Column: Col3_IPS A, Logic: Contain, Rule: Total Sum, Mode: Single
Condition(4)=Data: IPS5500-1000:, Column: Top Layer IPs, Logic: Contain, Rule: Count, Mode: Single
Condition(5)=Data: *, Column: protocol or atck, Logic: Contain, Rule: Count, Mode: Single
Report
b) Report Conditions are:
Condition(1)=Data: *, Column: Col7_IPs B, Logic: Contain, Rule: Count, Mode: Single
Condition(2)=Data: IPS5500-1000, Column: Top Layer IPs, Logic: Contain, Rule: Count, Mode: Single
Condition(3)=Data: prot=TCP, Column: protocol or atck, Logic: Contain, Rule: Count, Mode: Single
Condition(4)=Data: *, Column: attack_1, Logic: Contain, Rule: Count, Mode: Single
Report
c) Report Conditions are:
Condition(1)=Data: *, Column: cip count, Logic: Contain, Rule: Count, Mode: Single
Condition(2)=Data: *, Column: attack_1, Logic: Contain, Rule: Count, Mode: Single
Condition(3)=Data: , Column: source, Logic: Contain, Rule: Total Sum, Mode: Single
Condition(4)=Data: 05-07-2004, Column: Col1_Date, Logic: Contain, Rule: Count, Mode: Single
Report