IDS Status

Overview

The Diagnostics page allows you to issue diagnostic commands to the selected Mako and then view the diagnostic results.

To execute the “IDS Status” diagnostic command, click its radio button in the Command column of the list. The diagnostic results will appear above the list.

IDS Status


Figure 1. Example “IDS Status” Diagnostic Results

The “IDS Status” diagnostic results (Fig. 1) show the status of the selected Mako’s IDS service and statistics related to this service. This may be useful when troubleshooting any issues related to the IDS service.

Simple View

IDS Status

  • Status – current IDS service status
  • Last rule update – time since IDS rules were last updated
  • Last rule check – time since IDS rules were last checked
  • Rules size – size of IDS rules configuration file in MB

Statistics

  • flow.memuse – amount of memory in use by flow engine
  • flow.spare – amount of memory available for use by flow engine
  • flow_mgr.rows_checked – number of detection log rows checked by flow engine
  • flow_mgr.rows_skipped – number of detection log rows skipped by flow engine
  • tcp.memuse – amount of memory in use by TCP stream engine
  • tcp.reassembly_memuse – amount of memory in use by TCP stream engine for TCP stream reassembly

Advanced View

There is an “Advanced” link below the diagnostic results that allows you to see the raw data.

Previous : IDS Rules Update
Interface List : Next
Was this post helpful?
Please let us know if this helped you find answers.
Yes
No