List of System Reports
This report lists vulnerable hosts and associated vulnerabilities found by importing information
from Vulnerability Analysis (VA) scanners.
Activity: Vulnerable Host Found.
•
This host lists all vulnerable hosts found by IDS or VA scanners
Activity: Vulnerable Host Found.
•
This host lists all vulnerable hosts found by IDS or VA scanners
Activity: Web Usage - Top Destinations by Bytes.
•
This report ranks the web servers by bytes transferred.
•
Activity: Web Usage - Top Destinations by Bytes.
Activity: Web Usage - Top Destinations by Bytes
Activity: Web Usage - Top Destinations by Sessions.
•
This report ranks the top web destinations by session count.
Activity: Web Usage - Top Destinations by Sessions.
•
Activity: Web Usage - Top Destinations by Sessions
Activity: Web Usage - Top Sources.
•
This signature ranks source addresses based on web use.
•
Activity: Web Usage - Top Sources.
Activity: Web Usage - Top Sources
Attacks: All - All Events.
•
This event details details (event type, destination, source) for all attack events.
Attacks: All - All Events.
•
This event details details (event type, destination, source) for all attack events.
Attacks: All - Top Destinations.
•
This report ranks hosts by the number of attacks targetted at each host.
•
Attacks: All - Top Destinations.
Attacks: All - Top Destinations
Attacks: All - Top Event Type Groups.
•
This report ranks event type groups that appear in fired correlation rules. The event type groups give
a general feeling about the network activity classified as part of an attack by MARS.
Attacks: All - Top Event Type Groups.
•
Attacks: All - Top Event Type Groups
Attacks: All - Top Rules Fired.
•
This report ranks rules fired over the past hour by number of incidents. This provides a general
feeling about the attack activity in the network. This report is used by pages in the Summary tab.
Attacks: All - Top Rules Fired.
•
Attacks: All - Top Rules Fired
Attacks: All - Top Sources.
•
This report ranks the sources of attack events seen by MARS over the past hour.
User Guide for Cisco Security MARS Local Controller
D-30
Appendix D
System Rules and Reports
78-17020-01