Symantec 10268947 User Guide - Page 100

100 Incidents and Events Monitoring events Note: Both StandardUsers and RestrictedUsers can modify the view by selecting which columns to display, sorting columns, and applying view filters. Selecting event columns Not all events contain data in every category, so you may want to remove empty or irrelevant columns, or add others to customize the display. All users can modify the display of event information by selecting columns. To select event columns 1 In the Incidents tab, in the lower Events at Selected Incidents pane, click Columns. 2 In Table Column Chooser, do one of the following: ■ Click Select All to select all columns. ■ Click the individual columns you want to view. 3 Click OK to save and close. The Events at Selected Incident can display the following information: ■ Time Indicates the date and time when Symantec Network Security first detected and logged the event. ■ Event Type Indicates the event category of the detected event. ■ Name Indicates the user group of the current user. ■ Source Indicates the IP address of the packet that triggered the event. If the source is made up of multiple addresses, then the Network Security console displays (multiple IPs) and you can view the list of addresses by double-clicking the event to see Event Details. ■ Destination Indicates the IP address of the attack target. If the destination is made up of multiple addresses, then the Network Security console displays (multiple IPs) and you can view the list of addresses by double-clicking the event to see Event Details. ■ Severity Indicates the severity level assigned to the event. An event's severity is a measure of the potential damage that it can cause.