134 Responding
Managing response rules
Editing response rules
Searching event types
The Network Security console provides a way to modify response rules easily.
To view Response Policy Configuration
1
In the Network Security console, click Configuration > Response Rules.
2
In Response Rules, select a response rule. The background of the selected
response rule turns purple.
3
Click one of the following to edit:
Setting event targets
■
Setting event types
■
Setting severity levels
■
Setting confidence levels
■
Setting event sources
■
Setting response actions
■
Setting next actions
■
4
Click OK to save and exit.
All users can view a more manageable subset of the entire event list by using any
or all of the search criteria to shorten the list of event types in the Search Event
List.
To select event types
1
In the Network Security console, click Configuration > Response Rules >
Event Type.
2
To see the Event Lists, double-click Event Types.
3
In Search Events, provide some or all of the following search criteria:
Click Title to identify the search.
■
Click Protocol to search for specific protocols.
■
Click Category to search for specific categories.
■
Click Severity to indicate the severity level.
■
Click Confidence to indicate the confidence level.
■
Click Intent to indicate the intent.
■
4
After selecting search criteria, click Search Events.