Table of Contents
Advertisement
6
U
An event is an action that occurs on a network or a host. The Event Viewer allows
you to monitor and investigate events in real-time or perform advanced searches.
The Event Viewer indicates which events are being correlated to offenses and
which are not.
You can also use the Event Viewer to:
•
•
•
•
•
You must have permission to view the Event Viewer interface. For more
information on assigning roles, see the STRM Administration Guide.
This chapter provides information on using the Event Viewer including:
•
•
•
•
•
•
•
Note: When STRM normalizes events, the system normalizes names as well.
Therefore, the name that appears in the Event Viewer may not match the name
that appears in the event.
SING THE
Associate or map an unknown event to a high-level and low-level category (or
QID).
Tune false positive events from generating offenses.
Search events.
View event information aggregated by various options.
Export events in XML or CSV format.
Using the Event Viewer Interface
Viewing Events
Searching Events
Viewing the Associated Offense
Modifying Event Mapping
Tuning False Positives
Exporting Events
STRM Users Guide
E
V
VENT
IEWER
Advertisement
Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - REV1
Related Products for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - REV1
- Juniper NETWORKS STRM - TECHNICAL NOTE REV 6-2008
- Juniper JUNOS - NETWORK OPERATION GUIDE REV1
- Juniper JUNOSE 11.1.0 - REV 4-29-2010
- Juniper MEDIA FLOW CONTROLLER 2.0.5 - S REV 15-11-2010
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - INSTALLATION REV1
- Juniper E SERIES BROADBAND SERVICES ROUTERS 11.3.X - E120 AND E320 MODULE GUIDE REV 01-10-2010
- Juniper E SERIES BROADBAND SERVICES ROUTERS 11.3.X - E120 AND E320 HARDWARE GUIDE REV 9-29-2010
- Juniper E SERIES BROADBAND SERVICES ROUTERS 11.3.X - ERX MODULE GUIDE REV 27-9-2010