Reiver, have you thought about coding a user defined response to write to a local flat file? This is pretty much straightforward, a simple cmd file response could look like this:
@echo off rem parse all parameters needed in sensor response policy echo %* >> c:\logfile A more elegant way to do this is to use the logevent.exe utility from the W2K resource kit, which allows to write to the local application log. This can be used to trigger events in the local tivoli agent. Karl Reiver schrieb: > Nope. No printing subsystems, Posix, OS/2, OS stripped down to core, most > programs removed. No OOB management. ISS + multiple vendor appliances for > every zone and the POS Tivoli thrown in the mix. lol. > > Reiver > > ----- Original Message ----- > From: "Ballerini, Jean Paul (ISS EMEA)" <[EMAIL PROTECTED]> > To: "Reiver" <[EMAIL PROTECTED]>; "[EMAIL PROTECTED]" > <[email protected]> > Sent: Monday, October 17, 2005 10:38 AM > Subject: RE: [ISSForum] Sending high alerts to a flatfile or Tivoli > > > Not even SNMPv3 ? > > Jean Paul > > -----Original Message----- > From: [EMAIL PROTECTED] On Behalf Of Reiver > Sent: sabato 15 ottobre 2005 3.42 > To: [EMAIL PROTECTED] > Subject: Re: [ISSForum] Sending high alerts to a flatfile or Tivoli > > Sorry, forgot to mention that we aren't allowed to use SNMP (security > reasons). > > Thanks! > Reiver > > ----- Original Message ----- > From: "Bruetsch, Markus (ISS California)" <[EMAIL PROTECTED]> > To: "Reiver" <[EMAIL PROTECTED]>; "[EMAIL PROTECTED]" > <[email protected]> > Sent: Friday, October 14, 2005 8:04 AM > Subject: RE: [ISSForum] Sending high alerts to a flatfile or Tivoli > > > You can use the SNMP response in SiteProtector to sent the alerts to Tivoli. > > > > Regards > > Markus > - > Markus Brütsch > TZ: US Pacific > Office: 805 241 6282 > > > -----Original Message----- > From: [EMAIL PROTECTED] On Behalf Of Reiver > Sent: Thu, Oct 13, 2005 17:37 > To: [EMAIL PROTECTED] > Subject: [ISSForum] Sending high alerts to a flatfile or Tivoli > > We are trying to send alerts for Server Sensor to a flatfile that Tivoli can > read or find a way for Tivoli to read the high alerts only in a more direct > manner. Has anyone done this? I realize that there is a Tivoli Console for > Real Secure, but I want to continue to monitor with site protector and I > don't have control of the Tivoli mothership, only the local agents. > > Thanks! > _______________________________________________ > ISSForum mailing list > [email protected] > > TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to > https://atla-mm1.iss.net/mailman/listinfo/issforum > > To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] > > The ISSForum mailing list is hosted and managed by Internet Security > Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328. > > > _______________________________________________ > ISSForum mailing list > [email protected] > > TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to > https://atla-mm1.iss.net/mailman/listinfo/issforum > > To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] > > The ISSForum mailing list is hosted and managed by Internet Security > Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328. > > > _______________________________________________ > ISSForum mailing list > [email protected] > > TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to > https://atla-mm1.iss.net/mailman/listinfo/issforum > > To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] > > The ISSForum mailing list is hosted and managed by Internet Security Systems, > 6303 Barfield Road, Atlanta, Georgia, USA 30328. > -- Karl-Heinz Jaeger Manager Customer Services ______________________________________________________________ Schützen Sie Ihr Netz von Innen. - Sensibilisieren Sie Ihre Mitarbeiter für IT-Sicherheit. Erfahren Sie alles über unser kostenloses Security Awareness Training unter: http://www.open-beware.de Besuchen Sie unseren IDP-Workshop am 16.November 2005 in Frankfurt. Informieren Sie sich hier: http://www.bdg.de/ Treffen Sie am 19. jeden Monats IT-Sicherheits-Experten beim BDG-Security-Point! Alle Informationen finden Sie hier: http://www.bdg.de/security-point ______________________________________________________________ * BDG GmbH & Co. KG - Make IT safe. * Stolbergerstr. 307 D-50933 Koeln Tel: +49 (0)6126-94433-0 Fax: +49 (0)6126-94433-31 E-Mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> Web: www.bdg.de <http://www.bdg.de> ______________________________________________________________ _______________________________________________ ISSForum mailing list [email protected] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
