An intrusion prevention system (IPS) is a computer security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real time, to block or prevent those activities. A network-based IPS, for example, operates in-line to monitor all network traffic for malicious code or attacks. When an attack is detected, it can drop the offending packets while still allowing all other traffic to pass.
About Top Layer Networks
Top Layer Networks is dedicated to its role as the leading global provider of Network Intrusion Prevention Systems (IPS), developing and bringing to market network security infrastructure solutions that help commercial and government organizations protect their critical on-line assets from the losses and risks associated with cyber threats. Its family of IPS appliances is designed with "Three Dimensional Protection" that provides the most advanced protection capabilities against known and unknown attacks at the highest tested performance rates.
About the Top Layer IPS 5500
The IPS 5500 family of products offers the strongest levels of network protection, performance and reliability on the market today.
Log Processing and Reporting
Reading and analyzing raw IPS logs is difficult and time-consuming,
especially when an enormous quantity of logs is generated.
IPS Log Analysis
Reports of IPS Logs
LogQuest VF can verify and analyze IPS logs and generate reports from
them. You need to collect the IPS logs and then verify them in LogQuest VF.
Report based on the file: /IPS/TopLayer_All-Debug.txt
Pre-defined Log Format: Group_IPS/IPS
Date report was created: 5th November 2007
a) Report Conditions are:
Condition(1)=Data: *, Column: warning type, Logic: Contain, Rule: Count, Mode: Single
Condition(2)=Data: 192.168.10.254, Column: IP-1, Logic: Contain, Rule: Count, Mode: Single
Condition(3)=Data: 05-07-2004, Column: Date, Logic: Contain, Rule: Count, Mode: Single
Condition(4)=Data: *, Column: Time-1, Logic: Contain, Rule: Count, Mode: Single
Condition(5)=Data: IPS5500-1000, Column: top layer, Logic: Contain, Rule: Count, Mode: Single
Condition(6)=Data: prot=ICMP, Column: attck or prot, Logic: Contain, Rule: Count, Mode: Single
Report
b) Report Conditions are:
Condition(1)=Data: *, Column: IP-2, Logic: Contain, Rule: Count, Mode: Single
Condition(2)=Data: *, Column: atck or prot, Logic: Contain, Rule: Count, Mode: Single
Condition(3)=Data: , Column: Date, Logic: Contain, Rule: Total Sum, Mode: Single
Report
c) Report Conditions are:
Condition(1)=Data: *, Column: IP-2, Logic: Contain, Rule: Count, Mode: Single
Condition(2)=Data: prot=ICMP, Column: atck or prot, Logic: Contain, Rule: Count, Mode: Single
Condition(3)=Data: cip=211.218.207.109, Column: cnt or cip, Logic: Contain, Rule: Count, Mode: Single
Condition(4)=Data: atck=icmpLengthError, Column: atck, Logic: Contain, Rule: Count, Mode: Single
Condition(5)=Data: src=intern, Column: src details, Logic: Contain, Rule: Count, Mode: Single
Report
See: Report based on the file: TopLayer_Syslogd-debug.txt
Thank you for visiting the homepage of Innerbus Company Limited,
a Professional Log Analysis Enterprise