Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1 Manual page 57
Strm log management users guide
Hide thumbs
Also See for SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1:
- Manual (36 pages) ,
- Administration manual (92 pages) ,
- Manual (246 pages)
Table of Contents
Advertisement
Table 4-4 IP / Port Test Group (continued)
Test
Description
Remote Port
Valid when the remote port
of the event is one of the
configured remote port(s).
Source IP
Valid when the source IP
Address
address of the event is one
of the configured IP
address(es).
Destination IP
Valid when the destination
Address
IP address of the event is
one of the configured IP
address(es).
Local IP
Valid when the local IP
Address
address of the event is one
of the configured IP
address(es).
Remote IP
Valid when the remote IP
Address
address of the event is one
of the configured IP
address(es).
IP Address
Valid when the source or
destination IP address of
the event is one of the
configured IP address(es).
Table 4-5 Date/Time Tests
Test
Description
Event Day
Valid when the event occurs
on the configured day of the
month.
Event Week
Valid when the event occurs
on the configured days of the
week.
Event Time
Valid when the event occurs
on the after the configured
time.
Default Test Name
when the remote port is one
of the following ports
when the source IP is one
of the following IP
addresses
when the destination IP is
one of the following IP
addresses
when the local IP is one of
the following IP addresses
when the remote IP is one
of the following IP
addresses
when either the source or
destination IP is one of the
following IP addresses
Date/Time Tests
The date and time tests include:
STRM Log Management Users Guide
Default Test Name
when the event(s)
occur on the selected
day of the month
when the event(s)
occur on any of these
days of the week
when the event(s)
occur after this time
Creating a Rule
Parameters
ports - Specify the ports you wish
this test to consider.
IP addresses - Specify the IP
address(es) you wish this test to
consider.
IP addresses - Specify the IP
address(es) you wish this test to
consider.
IP addresses - Specify the IP
address(es) you wish this test to
consider.
IP addresses - Specify the IP
address(es) you wish this test to
consider.
IP addresses - Specify the IP
address(es) you wish this test to
consider.
Parameters
Configure the following parameters:
on - Specify if you wish this test
•
to consider on, after, or before the
configured day.
selected - Specify the day of the
•
month you wish this test to
consider.
these days of the week - Specify
the days of the week you wish this
test to consider.
Configure the following parameters:
after - Specify if you wish this test
•
to consider after, before, or at the
configured time.
this time - Specify the time you
•
wish this test to consider.
51
Advertisement
Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1
Related Products for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper 200 Series