Symantec 10268947 User Guide - Page 76
Searching event types, About response parameters, About event targets, Configuration, Response Rules
UPC - 037648243766
View all Symantec 10268947 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 76 highlights
76 Response Rules About automated responses Searching event types All users can view a more manageable subset of the entire event list by using any or all of the search criteria to shorten the list of event types in the Search Event List. To select event types 1 In the Network Security console, click Configuration > Response Rules > Event Type. 2 To see the Event Lists, double-click Event Types. 3 In Search Events, provide some or all of the following search criteria: ■ Click Title to identify the search. ■ Click Protocol to search for specific protocols. ■ Click Category to search for specific categories. ■ Click Severity to indicate the severity level. ■ Click Confidence to indicate the confidence level. ■ Click Intent to indicate the intent. 4 After selecting search criteria, click Search Events. About response parameters In Configuration > Response Rules, SuperUsers and Administrators can edit and configure response rule parameters to specify the characteristics of the events and incidents that Symantec Network Security responds to. Each response rule contains the following response parameters: ■ About event targets ■ About event types ■ About severity levels ■ About confidence levels ■ About event sources ■ About response actions ■ About next actions About event targets The event target parameter specifies the location where the detected incident occurs. The possible values for this parameter include the locations, network