Table of Contents
Advertisement
Chapter 42
Viewing Router Information
IPS Alert Statistics
OL-4015-12
The IPS Alert Statistics window displays alert statistics in a color-coded format
for easy recognition. The top part of the screen displays a legend that explains the
use of colors in the display.
Color
Explanation
RED
The event that generated the alert has a high Risk Rating (RR) in
the range of 70 to 100.
MAGENTA
The event that generated the alert has a medium Risk Rating (RR)
in the range of 40 to 69.
BLUE
The event that generated the alert has a low Risk Rating (RR) in
the range of 0 to 39.
By clicking on a column heading, you sort the display based on the values of that
parameter. For example, by clicking on the Signature ID heading, you sort the
display in ascending or descending numerical order of signature IDs. Each
column is described in the following list:
Signature ID—Numerical signature identifier.
•
Description—Description of the signature.
•
Risk Rating—A value between 0 and 100 that represents a numerical
•
quantification of the risk associated with a particular event on the network.
Event Action—The action that IOS IPS is to take when an event matching the
•
signature occurs.
•
Source IP Address—The IP address from which the packet originated.
Destination IP Address—The IP address to which the packet was addressed.
•
If the packet is malicious, the Destination IP address can be considered the
target.
Hits—Number of matching packets.
•
Drop Count—The number of matching packets dropped.
•
Engine—The
signature engine
•
Cisco Router and Security Device Manager 2.5 User's Guide
associated with the signature.
IPS Alert Statistics
42-39
Advertisement
Table of Contents
Troubleshooting
