Table of Contents
Advertisement
Legacy Reporting
Figure 11-19
Table 11-1 Custom Query Field Usage and Description
Field
Event Match
Ports Src/Dst
Time Start/Stop
Realtime Console Custom Query Screen
Description
The Event Match field is used to specify event names for the filter to display. Event
Match field is a text field where one or more events can be written. Multiple events
must be separated by spaces.
The Ports Source and Destination fields are the text fields for the realtime filter.
They are text fields where one or more port values can be written. Also a range of
ports can be specified by placing a dash between port values, for example 80-100.
Multiple values of single ports or port ranges must be separated by spaces.
The Time Start/Stop fields specify different values for the realtime filter depending
on the values of the Time Mode select field. The Time Start/Stop can contain the
following valid values:
• Time Start field can contain a positive number. This number is valid when the
Time Mode value hours is selected.
• Time Start and Stop fields can contain date time value in the format "YYMmmDD
HH:MM", for example, "03Aug23 10:23". These values are valid when start, stop,
or span selected for the Time Mode field.
• Time Start and Stop fields can contain date value in the following format:
"YYMmmDD", for example, "03Aug23". These values are valid when date or
dates selected for the Time Mode field.
Using the Realtime Console
Enterasys IPS Analysis and Reporting Guide 11-15
Advertisement
Table of Contents
Need help?
Do you have a question about the Intrusion Prevention System and is the answer not in the manual?
Questions and answers