Table of Contents
Advertisement
Legacy Reporting
Figure 11-25
The activity summary graph is at the top of the display area. For any query, the top seven
events are graphed over the specified query time period. Floating the mouse over the bar
graph reveals the actual number of events for the given event type. The graph can be shifted to
the left or right to expose hidden dates by clicking in the graph region and dragging the graph
left or right. To zoom in on a region of the graph, click on the graph while pressing the Ctrl
key and drag the mouse to select a region.
The top seven events are indexed in a legend to the left of the graph. Filtering certain events
can cause this graph and table to regenerate.
2.
Select the desired information to view by clicking the navigation buttons and selecting the
desired item in the pulldown menu.
Table 11-3 Event Summary Buttons
Button
sensors
date
hosts
Dragon Trending Console Event Summaries
Description
A list of available sensors.
Queries can be bound by start and stop times, specified by individual days and,
optionally, times within days. All queries outside of the range are ignored.
A list of IP addresses or CIDR blocks can be specified here. The resulting list can be
applied to all the events as one of any type: source address, destination address, or
both. For example, if a single CIDR block is specified and a query only looking for
internal attacks is desired, a setting of both is chosen for the IP Filter menu. Multiple
IP addresses or CIDR blocks can be specified by using the character, &.
For example, data can be entered as
10.100.100.125 & 10.10.10.0/24 & 10.10.20.0/24
Using the Trending Console
Enterasys IPS Analysis and Reporting Guide 11-23
Advertisement
Table of Contents
Need help?
Do you have a question about the Intrusion Prevention System and is the answer not in the manual?
Questions and answers