Who should apply the Patch
1) Users who have the following devices reporting to MARS: Cisco Switch IOS, Cisco IPS
- User has a Cisco Switch-IOS configured to send syslogs to the MARS (CSCsu94548)
- User downloaded and installed MARS IPS packages S333, S351, or S354 from http://www.cisco.com/cgi-bin/tablebuild.pl/mars-ips-sigup, or configured the dynamic autoupdate utility to download these packages (CSCsu96311)
2) Users who attempt to download raw messages from the database in the GMT+ timezone (CSCsv01999)
3) Users who make use of source/destination port ranking queries (CSCsq48971)
This patch is being released to address four issues
1) CSCsu94548 - None of the Cisco Switch-IOS syslog messages are parsed by MARS
2) CSCsu96311 - Need to fix missing/mis-mapped IPS events in database.
3) CSCsv01999 - Not able to retrieve raw message files using MARS GUI
4) CSCsq48971 - service filter for src/dest port ranking query displays all ports
I suggest you read the readme file before applying.
Posts
No comments:
Post a Comment