Enterasys Intrusion Prevention System Reporting Manual page 79

Analysis and reporting guide


Event Details
Packet Data — Shows the packet data of the event.
You can adjust the size of the pop-up window to better view the event information.
Table 7-1 describes the event details in the upper pane.

Table 7-1 Event Details Upper Pane

| Field | Description |
|---|---|
| Name | Name of the event. |
| Date/Time | Date and time of event occurrence. |
| Score | The severity score of the event. The table can be filtered by score. |
| Source IP | The source IP address of the event. Click the address link to display a new browser window that attempts to resolve the IP address using a DNS lookup. Additional publicly-available web sites that perform address resolution are provided as links on the browser page. |
| Port | The source port. |
| Destination IP | The destination IP address of the event. Click the address link to display a new browser window that attempts to resolve the IP address using a DNS lookup. Additional publicly-available web sites that perform address resolution are provided as links on the browser page. |
| Port | The destination port. |
| Direction | The direction of the event (for example, Internal or External). |
| Protocol | The protocol used in the event. |
| Download PCAP | Provides a download of a PCAP capture file. This file contains the traffic between the source and destination IP addresses of the event for the day the event was generated. Applicable to any TCP event that supports the Dragon mktcpdump CLI tool. Refer to Chapter 8, Viewing a PCAP File for an Event for more information. |

Enterasys IPS Analysis and Reporting Guide 7-3
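Because the downloaded PCAP holds a full day of traffic between the two addresses, an analyst usually narrows it to the event's own TCP session and time. The following is an added example, not code from the guide or from Enterasys: it assumes the download is a classic libpcap file with Ethernet framing, and the function names (`tcp_packets`, `event_packets`) and sample data are constructed for illustration.

```python
import socket
import struct

def tcp_packets(pcap):
    """Yield (ts, src, sport, dst, dport) for each IPv4/TCP frame in a classic pcap."""
    magic = struct.unpack("<I", pcap[:4])[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a classic microsecond pcap file")
    end = "<" if magic == 0xA1B2C3D4 else ">"   # byte order the file was written in
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled")
    off = 24
    while off + 16 <= len(pcap):
        ts, _us, caplen, _wire = struct.unpack(end + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # not IPv4 carrying TCP
        ihl = (frame[14] & 0x0F) * 4
        if len(frame) < 14 + ihl + 4:
            continue  # capture truncated before the TCP ports
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        sport, dport = struct.unpack("!HH", frame[14 + ihl:18 + ihl])
        yield ts, src, sport, dst, dport

def event_packets(pcap, src, sport, dst, dport, event_ts, window=60):
    """Keep packets of the event's TCP session (either direction) near its Date/Time."""
    fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
    return [p for p in tcp_packets(pcap)
            if p[1:] in (fwd, rev) and abs(p[0] - event_ts) <= window]

def _frame(ts, src, sport, dst, dport):
    """Build one constructed Ethernet/IPv4/TCP record (headers only, zero checksums)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 1024, 0, 0)
    pkt = b"\x00" * 12 + b"\x08\x00" + ip + tcp
    return struct.pack("<IIII", ts, 0, len(pkt), len(pkt)) + pkt

# Constructed sample: one day's traffic between two hosts, three separate sessions.
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join([
    _frame(1000, "10.0.0.5", 40001, "192.0.2.10", 80),
    _frame(5000, "10.0.0.5", 40002, "192.0.2.10", 80),   # the event's session
    _frame(5001, "192.0.2.10", 80, "10.0.0.5", 40002),   # reply direction
    _frame(5002, "10.0.0.5", 40003, "192.0.2.10", 443),
])
```

The arguments map directly to the Source IP, Port, Destination IP, Port and Date/Time fields of the upper pane, with Date/Time converted to epoch seconds.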
