I'm getting loads of IPS events and I've attempted to query the local logs for specific events. I'm finding that the query of the Intrusion Protection System only returns messages related to administrivia of the IPS daemon and no information on specific events, alerts, or errors.
It seems hard to believe that this is the intended purpose of these logs. Does anyone know where to find an archive of alerts and events from the IPS? For example, clicking on Intrusion Protection \ Rules brings up the list of rules with one field enumerating the number of events a certain rule set created. Clearly one would want to know more details of a given event. This should be found in the logs (without having to connect via ssh). Where?
Much thanks,
~D