Novell SENTINEL 6.1 SP2 - 02-2010 User Manual page 267

Report Data Configuration tab allows you to:
enable/disable any predefined summaries

view attributes of each summary

see the validity of a summary for a timeframe

query which eventfiles need to be run so that the summary is complete

The following are all summaries already defined in the system. It lists the summary name, database
table name and it's attributes in a brief description about the summary.
Summary Name description
Table 11-2
Summary Name
EventSrcSummary
EventDestSummary
EventSevDestTxnmySummary
EventSevDestEvtSummary
EventSevDestPortSummary
EventSevSummary
To disable/enable Summary:
1 Click Report Data Configuration in the navigation pane or click Report Data Configuration
button.
2 To disable a summary, click Active in the Status column until it changes to say InActive.
3 To enable a summary, click InActive in the Status column until it changes to say Active.
Table/Description
EVT_SRC_SMRY_1
This summary sums the event count by source ip, source asset
information, source port, source user, taxonomy, event_name,
resource, Collector, protocol, severity and event time by hour
EVT_DEST_SMRY_1
This summary sums the event count by destination ip, destination
asset information, destination port, destination user, taxonomy,
event_name, resource, Collector, protocol, severity and event time
by hour.
EVT_ DEST_TXNMY_SMRY_1
This summary sums the event count by destination ip, destination
asset information, taxonomy, severity and event time by hour.
EVT_DEST_EVT_NAME_SMRY_1
This summary sums the event count by destination ip, destination
event asset, taxonomy, event name, severity and event time by
hour.
EVT_PORT_SMRY_1
This summary sums the event count by destination port, severity
and event time by hour.
EVT_SEV_SMRY_1
This summary sums the event count by severity and event time by
hour.
Administration 267