8-16
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 7.2
OL-29168-01
Chapter8 Configuring Event Action Rules
Configuring Target Value Ratings
ipv6-target-address ip_address—Specifies the range set of IP address(es) for IPv6 addresses in the
following form:
<XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX>-<XXXX:XXXX:XXXX:XXXX:
XXXX:XXXX:XXXX:XXXX>[,<XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX>-
<XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX>]
Adding, Editing, and Deleting Target Value Rating s
To add, edit, and delete target value ratings for your network assets, follow these steps:
Step 1
Log in to the CLI using an account with administrator privileges.
Step 2
Enter event action rules submode.
sensor# configure terminal
sensor(config)# service event-action-rules rules1
Step 3
Assign an IPv4 target value rating to the network asset.
sensor(config-eve)# target-value mission-critical target-address 192.0.2.0
Step 4
Assign an IPv6 target value rating to the network asset.
sensor(config-eve)# ipv6-target-value mission-critical ipv6-target-address
2001:0db8:3c4d:0015:0000:0000:abcd:ef12
Step 5
Verify that you added the target value rating.
sensor(config-eve)# show settings
-----------------------------------------------
target-value (min: 0, max: 5, current: 1)
-----------------------------------------------
target-value-setting: mission-critical
target-address: 192.0.2.0 default: 0.0.0.0-255.255.255.255
-----------------------------------------------
ipv6-target-value (min: 0, max: 5, current: 2)
-----------------------------------------------
ipv6-target-value-setting: mission-critical
ipv6-target-address: 2001:0db8:3c4d:0015:0000:0000:abcd:ef12 default: ::0-
FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
-----------------------------------------------
sensor(config-eve)#
Step 6
To edit a target value rating, change the target value rating setting of the asset.
sensor(config-eve)# target-value low target-address 192.0.2.0
Step 7
Verify that you edited the target value rating.
sensor(config-eve)# show settings
-----------------------------------------------
target-value (min: 0, max: 5, current: 1)
-----------------------------------------------
target-value-setting: low
target-address: 192.0.2.0 default: 0.0.0.0-255.255.255.255
-----------------------------------------------
Step 8
Delete the target value rating.
sensor(config-eve)# no ipv6-target-value mission-critical
Step 9
Verify that you deleted the target value rating.
sensor(config-eve)# show settings
-----------------------------------------------