show security idp counters ips

TCP fast path

Number of TCP packets skipped for IDS processing.

Layer-4 anomalies

Number of Layer-4 protocol error or anomaly.

Anomaly hash misses

Number of times look failed on anomaly hash.

Line context matches

Number of attempts to match line based attacks in traffic stream.

Stream256 context matches

Number of attempts to match stream based attacks in first 256 bytes of traffic stream.

Stream context matches

Number of attempts to match stream based attacks in traffic stream.

Packet context matches

Number of attempts to match packet based attacks in traffic packet.

Packet header matches

Number of attempts to match packet header based attacks in traffic packet.

Context matches

Number of attempts to match protocol context based attacks in traffic stream.

Regular expression matches

Number of attempts to match PCRE expressions in traffic stream.

Tail DFAs

Number of attempts to match an attack on tail DFA group matches.

Exempted attacks

Number of attacks exempted from match as per exempt rulebase.

Out of order chains

Number of times attack is excluded from match due to member attacks in an attack group did not complete chain.

Partial chain matches

Number of attacks in partial chain match with attack scope as transaction.

IDS device FIFO size

Number of IDS contexts in virtual IDS device.

IDS device FIFO overflows

Number of times an IDS context can not be written as the IDS device is full.

Brute force queue size

Number of entries in the brute force queue.

IDS cache hits

(Unsupported)

Number of sessions those found attack instance in IDS cache.

IDS cache misses

(Unsupported)

Number of sessions those did not find attack instance in IDS cache.

Shellcode detection invocations

Number of times shell code match is attempted.

Wrong offsets

Number of times attack's offset is not within the service offset range.

No peer MAC

(Unsupported)

Number of times flow peer MAC address is not available.