Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1 Manual page 29

Strm log management users guide

Table 3-6 Aggregate Normalized Events (continued)

| Aggregate Option | Description |
|---|---|
| Src IP/ Dst IP/ Event Name/ User | Displays a summarized list of events grouped by the source IP address, destination IP address, event name, and user. |
| Src IP/ Dst IP/ User | Displays a summarized list of events grouped by the source IP address, destination IP address, and the username associated with the event. |
| Src IP/ Dst IP | Displays a summarized list of events grouped by traffic from the source IP address to destination IP address. |
| Dst IP/ Port | Displays a summarized list of events grouped by destination IP address and port. |
| Event Name/ Device | Displays a summarized list of events grouped by the event name and the device that sent the event to STRM Log Management. |
| Device/ High Level Cat | Displays a summarized list of events grouped by the device that sent the event to STRM Log Management and the high-level category. For more information on categories, see the Event Category Correlation Reference Guide. |
| Device/ High Level Cat./ Low Level Cat. | Displays a summarized list of events grouped by the device that sent the event to STRM Log Management and the high and low-level categories. |
| Matched Custom Rule | Displays a summarized list of events grouped by the associated custom rule. |
| Event Name/ Device Group | Displays a summarized list of events grouped by the event name and the device group. |
| Device Group/ High Level Cat | Displays a summarized list of events grouped by the device group and the high-level category. For more information on categories, see the Event Category Correlation Reference Guide. |
| Device Group/ High Level Cat/ Low Level Cat | Displays a summarized list of events grouped by the device group and the low-level category. For more information on categories, see the Event Category Correlation Reference Guide. |
| Src IP/ MAC | Displays a summarized list of events grouped by the source IP address and the source MAC address. |
| Src NAT/ Dst NAT | Network Address Translation (NAT) translates an IP address in one network to a different IP address in another network. The list of events that appears includes a summarized list of events grouped by the source and destination information (IP address and port) before and after NAT was applied. |
| Src IP/ High Level Cat | Displays a summarized list of events grouped by the source IP address and the high-level category. The aggregate results provide a list of source IP addresses. For more information on categories, see the Event Category Correlation Reference Guide. |
Viewing Events