Enter values for the parameters:
Step 4
Table 5-5 Offense Search Parameters
Item
Offense Id
Attacker IP
Assigned to
user
Magnitude
Credibility
Severity
Relevance
Event Count
Attacker
Network
Target
Network
High-Level
Category
Low-Level
Category
Start Date
Between
Description
Specify the offense identifier you wish to search.
Specify the IP address or CIDR range of the attacker.
Using the drop-down list box, select for an offense assigned to a
specific user. If you wish to search all users, select Any.
Using the drop-down list box, select if you wish to search magnitude
equal to, less than, or greater than the configured value. The range is
0 to 10.
Using the drop-down list box, select if you wish to search credibility
equal to, less than, or greater than the configured value. The range is
0 to 10.
Using the drop-down list box, select if you wish to search severity
equal to, less than, or greater than the configured value. The range is
0 to 10.
Using the drop-down list box, select if you wish to search relevance
equal to, less than, or greater than the configured value. The range is
0 to 10.
Using the drop-down list box, select if you wish to search the event
count equal to, less than, or greater than the configured value.
Using the drop-down list box, select the attacker network you wish to
search. To search all networks, select all.
Using the drop-down list box, select the target network you wish to
search. To search all networks, select all.
Using the drop-down list box, select the high-level category you wish
to search. To search all categories, select Any.
Using the drop-down list box, select the low-level category you wish
to search. To search all categories, select Any.
Select the check box if you wish to search offenses that started
during a certain time period. Once you select the check box, use the
calendar to select the dates you wish to search.
STRM Users Guide
Managing Offenses
89