14-41
Configuring and Monitoring Port Security
Reading Intrusion Alerts and Resetting Alert Flags
Figure 14-23.Example of Port Status Screen After Alert Flags Reset
For more on clearing intrusions, see “Note on Send-Disable Operation” on
page 14-37.
Using the Event Log To Find Intrusion Alerts
The Event Log lists port security intrusions as:
W MM/DD/YY HH:MM:SS FFI: port A3 — Security Violation
where “
W” is the severity level of the log entry and FFI is the system module
that generated the entry. For further information, display the Intrusion Log,
as shown below.
From the CLI. Type the log command from the Manager or Configuration
level.
Syntax: log < search-text >
For < search-text >, you can use ffi, security, or violation. For example:
HP Switch(config)# show interfaces brief
Status and Counters - Port Status
| Intrusion MDI Flow Bcast
Port Type | Alert Enabled Status Mode Mode Ctrl Limit
----- --------- + --------- ------- ------ ---------- ---- ---- -----
1 10/100TX | No Yes Up 100FDx MDI off 0
2 10/100TX | No Yes Down 10FDx MDI off 0
3 10/100TX | No Yes Down 10FDx MDIX off 0
Intrusion Alert on port A1 is now
cleared.
To Next Page
Loading...
Need help?
General