Item
|
Description
|
Properties button
|
Click to view details of a selected event.
|
Mark as Read button
|
Click to mark a selected event as read.
|
Mark as Unread button
|
Click to mark a selected event as unread.
|
Mark as Hidden button
|
Click to mark a selected event as hidden and hide it from the display.
|
Mark Similar Events button
|
Click to mark selected similar events as read, unread, or hidden.
|
Search Similar Exception Rules
|
Click to open the Search IPS Exception Rules criteria dialog box with information of the selected event.
|
Create Exception button
|
Click to create an exception based on the selected event.
|
Create Trusted Application button
|
Click to create a trusted application based on the selected event.
|
Refresh button
|
Click to refresh the display
|
Stop Refresh button
|
Click to stop the refresh of the display.
|
Configure View button
|
Click to show events for a set number of days (30 is the default).
|
Custom Filter
|
Click to set a filter for the display.
|
Reset Filter
|
Click to remove the filter that has been applied.
|
Severity Level
|
The severity level (Information, Low, Medium, High) of the signature that caused the event to appear.
|
Recording Time
|
The time the event was recorded in the database.
|
Node
|
The name of the node where the event occurred.
|
Signature Name
|
The name of the signature that triggered the event.
|
Process
|
The process that initiated the operation that triggered the event.
|
User
|
The user that initiated the event.
|
Source IP
|
The IP address of the source host, if one is available.
|
Reaction
|
The response by the agent (log or prevent) to the event.
|
Note
|
Any notes attached to the event.
|