Cre Offenses; What Is A Cre Offense; How Do I Investigate A Cre Offense - Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1 Manual

4
What is a CRE
Offense?
How do I
Investigate a CRE
Offense?
Step 1
Step 2
CRE O
FFENSES
This chapter provides information on CRE offenses including:

What is a CRE Offense?

•

How do I Investigate a CRE Offense?

•
Custom Rule Engine (CRE) offenses are generated through user defined custom
rules or sentries. A CRE offense appears in the Offense Manager by a custom rule
when a user attempts to map an event to a category not supported by STRM. You
should not receive CRE events in offenses or reports using the standard templates
with STRM.
For more information on rules, sentries, or templates, see the STRM
Administration Guide.
To investigate a CRE offense:
Click the Offense Manager tab.
The Offense Manager window appears.
Click By Category from the navigation menu.
The By Category view appears displaying high-level categories. The counts for
each category are accumulated from the values in the low-level categories.
Hint: Only low-level categories with associated offenses appear with an arrow.
You can click the arrow to view the associated low-level categories. If you wish to
view all categories, click Show Inactive Categories.
Category Offense Investigation Guide