Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - REV1 Manual page 75

var testObj = new CustomFunction( $$Counter,
other_custom_vars);
function test()
{
return testObj.test();
}
You can use all the functions available with JavaScript functionality as well as
the following functions:
Table 4-16 JavaScript Functions
Function
thresholdCheck
learnPolicy
activityAnomaly
Enter values for the parameters:
Step 8
Description
Monitors policy and threshold objects. By default, this value
monitors each object separately. If you wish to test objects as
group, you must add the value set. This function includes:
components - String of component names from one or more
•
layers, separated by colons. For example, in:out.
funcT - Instance of comparison object including above,
•
greatThanEq, below, lessThanEq, Eq, notEq, and range.
isTotal - Set this function to 0 if you wish to test objects
•
seperately. Set this function to 1 if you wish to test all objects
as a group.
time - Indicates time to make a comparison. If no time is
•
supplied, current time is used.
During the learning period, this function selects only object that
did not include traffic. The sentry then generates an alert on
those objects. This function includes:
components - String of component names from one or more
•
layers, separated by colons. For example, in:out.
lockTime - Indicates the time in which you wish to stop the
•
learning process.
Detects changes in the activity level for selected databases. This
function includes:
largewindowsize - Specifies the time range for the large
•
observation window.
smallwindowsize - Specifies the time range for small
•
observation window.
percentrequired - Specifies the required percentage change
•
required before the sentry generates an alert.
layer - Specifies the layer you wish to monitor.
•
type - Specifies the test objects as a group.
•
intervalsize - Specifies the interval size, in seconds.
•
STRM Users Guide
Creating a Sentry 69