Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - REV1 Manual page 60

54 M S
ANAGING ENTRIES
Step 8
Step 9
Table 4-7 Sentry Attributes Parameters (continued)
Parameter
Weight
Save as package
Minimum Activations
Before Alert
Delay Between Alerts
Maximum responses per
event
Sharing
Click Next.
The Sentry Responses window appears.
Enter values for the parameters:
Table 4-8 Sentry Response Parameters
Parameter Sub-Parameter Action
Email Email Subject
STRM Users Guide
Action
Specify the relative importance of this sentry. This
determines the ranking that the generated event displays
in the Offense Manager.
STRM uses the following formula to calculate the weight:
((sentry weight + network weight + object weight)/3/time
difference
Where time difference is:
1 + (second since the sentry alerted / 10,000,000,000)
Select the check box if you wish to save this sentry as a
package to use with other sentries. By default, the check
box is clear. Specify the following:
Package Name - Specify the name you wish to assign
•
to this package.
Package Description - Specify a description for the
•
package.
Share Package - Click Share Package to share this
•
package with other STRM users.
Specify the minimum number of times you wish this
activity to occur before an alert generates.
We recommend that you specify at least six activations
before alert.
Specify the number of intervals, after of the first
occurrence of this alert, before the next occurrence of this
event.
Specify the maximum number of times you wish this event
to generate.
If you set the Delay Between Alerts parameter to 0 and
the Maximum responses per event to 1, only one alert
generates per event.
Click Share Sentry to access the Select Users window,
which allows you to indicate any users you wish to share
this sentry.
Specify a subject for the notification e-mail sent by the
sentry engine.