Symantec 10521146 Administration Guide - Page 234
Table 9-4, Description, Types of event reports
UPC - 037648268134
View all Symantec 10521146 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 234 highlights
234 Reporting About top-level report types Table 9-4 Types of event reports Type Description Events by classful source This report sorts events by their source IP addresses and presents a count of the number of addresses that are from class A, class B and class C networks. Specify report start and end dates/times, and maximum number to display. This report is generated in table, column and bar chart formats. This report has no drill-down reports. Events by protocol This report lists the number of events detected that exploit each particular protocol, such as ICMP, UDP, TCP, or IP. You specify the report start and end dates/times. Symantec Network Security generates this report in table, bar, column and pie chart formats. This report has no drill-down reports. Events by vendor This report lists the number of events detected per vendor. For example, signatures detected by Symantec Network Security are grouped as RCRS events because RCRS is the vendor ID for Symantec Network Security. You specify the report start and end dates/times. Symantec Network Security generates this report in table, bar, column and pie chart formats. This report has no drill-down reports. Destinations of source This report lists the destination IP address(es) for any event source IP address you specify, and the number of times each address was the destination for the source address. You also specify the report start and end dates/times. This report is generated in table and bar chart formats. You can generate several drill-down reports from the Destinations of Source report. Sources of destination This report lists the source IP address(es) for any event destination IP address you specify, and the number of times each address was the source for the destination address. Specify the report start and end dates/times, and destination address. This report is generated in table and bar chart formats. You can generate several drill-down reports from the Sources of Destination report. Events by VLAN ID This report lists all events for all VLAN IDs. If the VLAN ID has not been set up, the report lists any unknown VLAN IDs as -1. You can generate drill-down event types for each VLAN ID, and further, to the event list. Events by device This report lists all events for all devices and interfaces in the network topology. You can generate drill-down event types by interface.