Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1 Manual page 28

STRM Log Management Users Guide

Using the Event Viewer
Table 3-6 Aggregate Normalized Events (continued)
| Aggregate Option | Description |
|---|---|
| High Level Category | Displays a summarized list of events grouped by the high-level category of the event. For more information on categories, see the Event Category Correlation Reference Guide. |
| Low Level Category | Displays a summarized list of events grouped by the low-level category of the event. For more information on categories, see the Event Category Correlation Reference Guide. |
| Magnitude | Displays a summarized list of events grouped by the magnitude of the event. The variables used to calculate magnitude include credibility, relevance, and severity. |
| Credibility | Credibility indicates the integrity of an event as determined by the credibility rating from source devices. Credibility increases as multiple sources report the same event. This aggregate option displays a summarized list of events grouped by the credibility of the event. |
| Severity | Severity indicates the amount of threat an attacker poses in relation to how prepared the target is for the attack. This value is mapped to an event category that is correlated to the offense. This aggregate option displays a summarized list of events grouped by the severity of the event. |
| Relevance | Relevance indicates the significance of an event. This option displays a summarized list of events grouped by the relevance of the event. |
| Username | Displays a summarized list of events grouped by the username associated with the events. |
| Device | Displays a summarized list of events grouped by the devices that sent the event to STRM Log Management. |
| Device Type | Device Type indicates the type of device that originated the event. This aggregate option displays a summarized list of events grouped by device type. |
| Device Group | Displays a summarized list of events grouped by device group. |
| Network | Displays a summarized list of events grouped by the network associated with the event. |
| Src IP / Dst IP / Dst Port / User | Displays a summarized list of events grouped by the source IP address, destination IP address, destination port, and the user. |
| Src IP / Dst IP / Dst Port / Event Name | Displays a summarized list of events grouped by the source IP address, destination IP address, destination port, and the name of the event. |
| Src IP / Event Name / User | Displays a summarized list of events grouped by the source IP address, event name, and user. |
