Technical Documentation

Download Software
Research a Problem
Case Management
Contract & Product Management
Technical Documentation
End-of-Life Products
Contact Support
Guidelines and Policies
Security Resources

Downloads
Understanding Traffic Anomalies Rulebase Notification Options

Related Topics
Understanding the Traffic Anomalies Rulebase
IDP Logs Overview
Configuring Traffic Anomalies Rulebase Rules (NSM Procedure)

Understanding Traffic Anomalies Rulebase Notification Options

By default, logging is enabled for Traffic Anomalies rulebase rules. Table 1 describes notification options. You also have the option of disabling logging.

Table 1: Traffic Anomalies Rulebase Notification Options

Option	Description
Event logs and alerts	You can enable the following delivery and handling options for logs: Send to NSM log viewer. Send to NSM log viewer and flag as an alert. Send to an e-mail address list. Send to syslog. Send to SNMP trap. Save in XML format. Save in CVS format. Process with a script.
Packet captures	Packet capture is not available for Traffic Anomalies rulebase rules.

Option

Description

Event logs and alerts

You can enable the following delivery and handling options for logs:

Send to NSM log viewer.
Send to NSM log viewer and flag as an alert.
Send to an e-mail address list.
Send to syslog.
Send to SNMP trap.
Save in XML format.
Save in CVS format.
Process with a script.

Packet captures

Packet capture is not available for Traffic Anomalies rulebase rules.

Note: Traffic Anomalies rulebase notification options are the same as IDP rulebase options, except that packet capture is not applicable.

Technical Documentation

Understanding Traffic Anomalies Rulebase Notification Options

Published: 2010-01-12