Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - REV1 Manual page 81

Table 4-22 Default Variables

| Parameter | Description |
|---|---|
| `$$Base` | Specify the weight to assign to current traffic levels against the learned behaviors and the current trend. This variable is for behavioral sentries. A higher value places more weight on the previously recorded value. When you configure a sentry, you must enter a value between 0 and 100; however, when you view a sentry, this value appears in decimal format as 0.01 to 1. |
| `$$Trend` | Specify the weight to assign to current traffic trends against the calculated behavior. This variable is for behavioral sentries. A higher value places more weight on traffic trends than on the calculated behavior. When you configure a sentry, you must enter a value between 1 and 100; however, when you view a sentry, this value appears in decimal format as 0.01 to 1. |
| `$$Season` | Specify the weight applied to the seasonal component of the behavior sentry. The range is 1 to 100. This variable is for behavioral sentries. When you configure a sentry, you must enter a value between 1 and 100; however, when you view a sentry, this value appears in decimal format as 0.01 to 1. |
| `$$SeasonTime` | Specify the length of time, in seconds, that you want this sentry to consider a season. A season indicates the cycle of data, which STRM uses to determine future data flow. This variable is for behavioral sentries. |
| `$$Scale` | Specify the alert sensitivity level for this alert. This level indicates how far outside the predicted values the measured value must be before a violation is generated. A value of zero indicates the measured value cannot be outside the predicted value, and a value of 100 indicates the traffic is more than four times larger than the predicted value. When you configure a sentry, you must enter a value between 1 and 100; however, when you view a sentry, this value appears in decimal format as 0.01 to 1. |
| `$$Counter` | Specify the layers you want this sentry to consider. This variable is for all sentry types. The options include: in (bytes in), out (bytes out), pin (packet in), pount (packet count), hlocal (host local), hremote (host remote), plocal (packet local), premote (packet remote), and count. Separate each entry with a colon. |
| `$$AsSet` | Specify 0 if you want all objects added together and tested as a whole. Specify 1 if you want each object evaluated separately. This variable is for all sentry types. |
| `$$Value` | For each threshold, specify the number that must be exceeded for this sentry to generate an alert. This variable is for all sentry types. |
| `$$Percent` | Specify the percentage change in behavior this view must experience before the sentry generates an alert. This variable is for anomaly sentries. |
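
The following Python check is an added example, not part of the STRM manual or any Juniper tooling. It validates a proposed set of sentry variables against the entry ranges and layer names in Table 4-22 and converts the weights to the decimal format shown when viewing a sentry. The function name, the dict-based input and the positive-length requirement for $$SeasonTime are assumptions.

```python
# Added example: validates sentry variables against the ranges in Table 4-22.
# Function and constant names are hypothetical; STRM exposes no such API.

# Entry ranges as stated in the table (values entered as whole numbers).
WEIGHT_RANGES = {"Base": (0, 100), "Trend": (1, 100),
                 "Season": (1, 100), "Scale": (1, 100)}
# Layer names accepted by $$Counter, exactly as the table spells them.
COUNTER_LAYERS = {"in", "out", "pin", "pount", "hlocal", "hremote",
                  "plocal", "premote", "count"}


def check_sentry_variables(variables):
    """Return (normalized, errors) for a dict of variable name -> entered text."""
    normalized, errors = {}, []
    for name, raw in variables.items():
        raw = str(raw).strip()
        try:
            if name in WEIGHT_RANGES:
                low, high = WEIGHT_RANGES[name]
                entered = int(raw)
                if not low <= entered <= high:
                    raise ValueError(f"must be between {low} and {high}")
                # The sentry view shows the entered value in decimal format.
                normalized[name] = entered / 100
            elif name == "SeasonTime":
                seconds = int(raw)
                if seconds <= 0:  # assumption: a season has positive length
                    raise ValueError("must be a positive number of seconds")
                normalized[name] = seconds
            elif name == "Counter":
                layers = raw.split(":")  # entries are colon-separated
                unknown = [x for x in layers if x not in COUNTER_LAYERS]
                if unknown:
                    raise ValueError(f"unknown layer(s): {', '.join(unknown)}")
                normalized[name] = layers
            elif name == "AsSet":
                if raw not in ("0", "1"):
                    raise ValueError("must be 0 (summed) or 1 (separate)")
                normalized[name] = int(raw)
            elif name in ("Value", "Percent"):
                normalized[name] = float(raw)
            else:
                raise ValueError("not a variable listed in Table 4-22")
        except ValueError as exc:
            errors.append(f"$${name}: {exc}")
    return normalized, errors
```
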
STRM Users Guide: Editing a Sentry (page 75)

This manual is also suitable for:

Security threat response manager 2008.2 r2
