Customizing The Event Table Display; Setting Display Preferences - Enterasys Intrusion Prevention System Reporting Manual

Analysis and reporting guide

Hide thumbs Also See for Intrusion Prevention System:

Manual (260 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

page of 122

/ 122
Contents
Table of Contents
Bookmarks

Table of Contents

Event Table Pane

Table 6-1 Event Table Report Columns

Event Detail Column

Direction

Protocol

Sensor Name

Details

Table 6-2

Table 6-2 Right-Click Action Menu Options

Option

Event Details

Source Address Lookup

Destination Address Lookup

Session Rebuild

Download PCAP

Mail Event

Customizing the Event Table Display

The following sections describe customizations you can perform on the Event Table pane.

Setting Display Preferences

The Event Table pane allows you to set the display preferences by editing the fields in the

preferences bar at the bottom of the pane.

You can set the number of rows to display per page in the Show per Page field, and you can move

forward and back through the pages by clicking on the direction arrows next to the Page field, as

shown in

next to the Page field.

Description

The direction of the event (for example, Internal or External).

The protocol used in the event.

Name of the Dragon sensor that generated the event. In the case of Network

Sensors, this is the Virtual Sensor name.

Any additional details about the event.

describes the options in the right-click Action menu.

Figure

6-3. You can interactively refresh the display by clicking the circular arrow icon

Description

Displays a pop-up window containing details of the event. See

Chapter 7, Event Details

for more information.

Displays a new browser window that attempts to resolve the IP

address using a DNS lookup. Additional publicly-available web

sites that perform address resolution are provided as links on the

browser page.

Displays a new browser window that attempts to resolve the IP

address using a DNS lookup. Additional publicly-available web

sites that perform address resolution are provided as links on the

browser page.

Displays a page with the session information for the selected

event. Applicable to TCP events.

Provides a download of a PCAP capture file. This file contains the

traffic between the source and destination IP addresses of the

event for the day the event was generated. Applicable to any TCP

event that supports the Dragon mktcpdump CLI tool.

Refer to

Chapter 8, Viewing a PCAP File for an Event

information.

Opens your mail application with the URL for the event in the

content field of the message.

Enterasys IPS Analysis and Reporting Guide 6-3

Customizing the Event Table Display

for more

Table of Contents

Need help?

Do you have a question about the Intrusion Prevention System and is the answer not in the manual?

Customizing The Event Table Display; Setting Display Preferences - Enterasys Intrusion Prevention System Reporting Manual

Customizing the Event Table Display

Setting Display Preferences

Need help?

Questions and answers

Related Products for Enterasys Intrusion Prevention System

Customizing The Event Table Display; Setting Display Preferences - Enterasys Intrusion Prevention System Reporting Manual

Customizing the Event Table Display

Setting Display Preferences

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Enterasys Intrusion Prevention System

Related Products for Enterasys Intrusion Prevention System

Table of Contents