Log in to ask questions, share your expertise, or stay connected to content. Don’t have a login? Join now.
I'd like to get an alert when a Rogue AP is classified as "Detected Wirelessly and on LAN". I thought about creating a trigger for it, but it isn't obvious to me how to configure it for this. How would you do this?
Thanks,Robert
You might check the "Setting Triggers for IDS Events" on Airwave User Guide ( its in page 211 on Airwave 7.5 UG).
Goodluck!
Thanks. I'd looked over that. The rules under RAPIDS all have a threat level of 5. I bumped the rule for Rogues on the LAN to threat level 6 and made a trigger based off the threat level. I'll see how that works.
It looks like another option would be to create a report that runs regularly with the option "New Rogue Devices: Devices Discovered on the LAN Only" reported. I'll try that too.
Robert
I know that you can setup an email alert...I am seeking to be able to generate/send via syslog or SNMP Trap. Any information would be appreciated.
@hartwell.watkins wrote: I know that you can setup an email alert...I am seeking to be able to generate/send via syslog or SNMP Trap. Any information would be appreciated.
The controller will do that by default (send SNMP traps and syslog). In Airwave you can also forward to an NMS in a trigger.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.