Event Groups
Search for an Event Description or CVE Names
You can search for partial matches of event descriptions or Common Vulnerabilities and Exposures
(CVE) names.
Enter the text that you want to search for in the Search field.
Step 1
Step 2
Click Search.
To view a list of all currently supported CVEs
Enter CVE into the Search field.
Step 1
Click Search.
Step 2
Event Groups
Using and creating event groups is one of the most powerful ways to leverage rules. You can take any
of the events presented here, group them, and then use them with rules to concentrate your searches for
attacks.
To filter by event groups or severity
From the appropriate list, select the group or severity.
Edit a Group of Events
You can not edit system-defined groups.
Note
Select the group in the Select Group list.
Step 1
Click Edit Group.
Step 2
Step 3
Click each group in the Chosen and Available fields to highlight it. Click it again to de-highlight it.
Step 4
Click Add or Remove to move highlighted items as needed.
Click Submit.
Step 5
User Guide for Cisco Security MARS Local Controller
23-2
Chapter 23
Management Tab Overview
78-17020-01