How to find out the IPS/IDS logs.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

How to find out the IPS/IDS logs.

L4 Transporter

Hi Friends,

How to find out the IPS/IDS/Anti-spoofing Logs with CLI or GUI.

Regards

Satish

1 accepted solution

Accepted Solutions

L4 Transporter

Thanks all for reply.

I think IPS, IDS, anti-virus, anti-spyware and vulnerability combined of all is called threat logs.

Regards

Satish

View solution in original post

9 REPLIES 9

L0 Member

Hi Satish

You can find it under Monitor-> Threat tab.

L4 Transporter

And CLI:

> show log threat

Regards,

Guillermo.

can you suggest where we can see only IPS logs for audit purpose?

panos HULK Steven Puluka hshah please suggest !!!

can you check that

What are the Threat Log Values for Threat ID and Direction

you can filter the threat logs then.

L7 Applicator

> show log threat start-time equal 2014/10/01@10:00:00 end-time equal 2014/12/30@10:00:00 suppress-threatid-mapping equal no csv-output equal no direction equal backward

Additional suggestions:

Adjust your start-time and end-time

Remove 'direction equal backward' if your want to make newest event show last

Use "csv-output equal yes" if you want to export to a spreadsheet

Use " > set cli pager off " to avoid being asked to press spacebar (useful for logging TTY session output at one strike)

I'm not sure I follow exactly what kind of report you are looking for.

As a general rule, I think the ACC tab is the best place to drill into threat activity and reporting.  You have a lot of filtering options to narrow down your area of interest.

The monitor tab and threat monitor can also be a good top level view to understand where you want to drill into the data using the monitor tab reporting functions.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center

L4 Transporter

Thanks all for reply.

I think IPS, IDS, anti-virus, anti-spyware and vulnerability combined of all is called threat logs.

Regards

Satish

That is correct Satish

Regards,

Guillermo.

  • 1 accepted solution
  • 9197 Views
  • 9 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!