Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1 Manual page 111
Strm log management users guide
Hide thumbs
Also See for SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1:
- Manual (36 pages) ,
- Administration manual (92 pages) ,
- Manual (246 pages)
Table of Contents
Advertisement
Table B-7 Default Building Blocks (continued)
Building Block
Default-BB-FalsePositive:
Database Server False
Positive Events
Default-BB-FalsePositive:
Device and Specific Event
Default-BB-FalsePositive:
DHCP Server False
Positive Categories
Default-BB-FalsePositive:
DHCP Server False
Positive Events
Default-BB-FalsePositive:
DNS Server False
Positive Categories
Default-BB-FalsePositive:
DNS Server False
Positive Events
Default-BB-FalsePositive:
FTP Server False Positive
Categories
Default-BB-FalsePositive:
FTP False Positive Events
Default-BB-FalsePositive:
Global False Positive
Events
Block
Group
Type
False
Event Edit this BB to define all the false
Positive
False
Event Edit this BB to include the devices
Positive
False
Event Edit this BB to define all the false
Positive
False
Event Edit this BB to define all the false
Positive
False
Event Edit this BB to define all the false
Positive
False
Event Edit this BB to define all the false
Positive
False
Event Edit this BB to define all the false
Positive
False
Event Edit this BB to define all the false
Positive
False
Event Edit this BB to include any event
Positive
STRM Log Management Users Guide
Description
positive QIDs that occur to or from
database servers that are defined
in the Default-BB-HostDefinition:
Database Servers building block.
and QID of devices that continually
generate false positives.
positive categories that occur to or
from DHCP servers that are
defined in the
Default-BB-HostDefinition: DHCP
Servers building block.
positive QIDs that occur to or from
DHCP servers that are defined in
the Default-BB-HostDefinition:
DHCP Servers building block.
positive categories that occur to or
from DNS based servers that are
defined in the
Default-BB-HostDefinition: DNS
Servers building block.
positive QIDs that occur to or from
DNS-based servers that are
defined in the
Default-BB-HostDefinition: DNS
Servers building block.
positive categories that occur to or
from FTP based servers that are
defined in the
Default-BB-HostDefinition: FTP
Servers building block.
positive QIDs that occur to or from
FTP-based servers that are
defined in the
Default-BB-HostDefinition: FTP
Servers building block.
QIDs that you wish to ignore.
Default Building Blocks
Associated Building
Blocks, if applicable
Default-BB-HostDefinition:
Database Servers
Default-BB-HostDefinition:
DHCP Servers
Default-BB-HostDefinition:
DHCP Servers
Default-BB-HostDefinition:
DNS Servers
Default-BB-HostDefinition:
DNS Servers
Default-BB-HostDefinition:
FTP Servers
Default-BB-HostDefinition:
FTP Servers
105
Advertisement
Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1
Related Products for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper 200 Series