An IPS event is triggered when a security violation, as defined by a signature, is detected. It appears on the IPS Events tab with a severity level of High, Medium, Low, or Information, which maps to a reaction.
From the list of generated events, determine which indicate no risk and which indicate suspicious behavior. To allow events, configure the system with the following:
This fine-tuning process keeps false positives to a minimum, providing more time for analysis of serious events. For more details, see IPS Events.