Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - MANAGING SENSOR DEVICES REV 1 Manual page 12
Managing sensor devices
Hide thumbs
Also See for SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - MANAGING SENSOR DEVICES REV 1:
- Administration manual (92 pages) ,
- Manual (130 pages) ,
- Manual (246 pages)
Table of Contents
Advertisement
8
M
S
ANAGING
ENSOR
Step 6
D
EVICES
Table 1-2 Edit a Sensor Device Parameters (continued)
Parameter
Coalescing Events
Store Event Payload
Device Extension
Extension Use Condition
Groups
Click Save.
The Sensor Devices window appears.
Managing Sensor Devices Guide
Description
Enables or disables the ability of a sensor device to
coalesce (bundle) events. The default is Yes.
By default, all auto detected sensor devices use the
value configured in the Coalescing Events parameter in
the STRM Settings window. However, when you create
a new sensor device or update the configuration for an
auto detected sensor device, the value configured in
the individual sensor device is the value used by the
sensor device. For more information, see the STRM
Log Management Administration Guide.
Enables or disables the ability for a sensor device to
store event payload information. The default is Yes.
By default, all auto detected sensor devices use the
value configured in the Store Event Payload parameter
in the STRM Settings window. However, when you
create a new sensor device or update the configuration
for an auto detected sensor device, the value
configured in the individual sensor device is the value
used by the sensor device. For more information, see
the STRM Log Management Administration Guide.
Using the drop-down list box, select the device
extension you wish to use for this sensor device.
Device extensions allow you to immediately extend the
parsing routines of specific devices, which ensures
DSMs send valid data to STRM.
For more information on device extensions, see
Creating a Device Extension
Using the drop-down list box, select the extension use
condition that you wish to use for this sensor device:
Parsing Enhancement - When the DSM is unable
•
to parse correctly or is unable to retrieve specific
information from the DSM, the selected device
extension overrides the failed parsing by the DSM.
This is the default setting.
Parsing Override - When the DSM parses correctly
•
for most fields, but needs either one or two fields
corrected, the incorrectly parsed field values are
enhanced.
Select any groups of which you wish this sensor device
to be a member.
.
Advertisement
Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - MANAGING SENSOR DEVICES REV 1
Related Products for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - MANAGING SENSOR DEVICES REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper 200 Series