Disabling Or Enabling A Summary - Novell SENTINEL RAPID DEPLOYMENT 6.1 - 12-2009 User Manual


The Report Data Configuration tab allows you to:
Enable/disable any predefined summaries
View attributes of each summary
See the validity of a summary for a period of time
Query which Event files need to be run so that the summary is complete
The following are all summaries already defined in the system.
Table 10-2

Summary Name: EventSrcSummary
Table/Description: EVT_SRC_SMRY_1. Sums the event count by source IP, source asset information, source port, source user, taxonomy, event_name, resource, Collector, protocol, severity, and event time by hour.

Summary Name: EventDestSummary
Table/Description: EVT_DEST_SMRY_1. Sums the event count by destination IP, destination asset information, destination port, destination user, taxonomy, event_name, resource, Collector, protocol, severity, and event time by hour.

Summary Name: EventSevDestTxnmySummary
Table/Description: EVT_DEST_TXNMY_SMRY_1. Sums the event count by destination IP, destination asset information, taxonomy, severity, and event time by hour.

Summary Name: EventSevDestEvtSummary
Table/Description: EVT_DEST_EVT_NAME_SMRY_1. Sums the event count by destination IP, destination event asset, taxonomy, event name, severity, and event time by hour.

Summary Name: EventSevDestPortSummary
Table/Description: EVT_PORT_SMRY_1. Sums the event count by destination port, severity, and event time by hour.

Summary Name: EventSevSummary
Table/Description: EVT_SEV_SMRY_1. Sums the event count by severity and event time by hour.

Section 10.9.1, "Disabling or Enabling a Summary"
Section 10.9.2, "Viewing Information for a Summary"
Section 10.9.3, "Checking the Validity of a Summary"
Section 10.9.4, "Query the Event Files for a Summary"
Section 10.9.5, "Running the Event Files for a Summary"

10.9.1 Disabling or Enabling a Summary

1 Click Report Data Configuration in the navigation pane or click the Report Data Configuration button.