Threat Activity Reports
To search for and generate a report on all threats detected, eliminated, quarantined, and detected but unable to be mitigated, use the Threat Activity Real-Time Report.
Menu path:
For this report, you can select to view various options in the generated report for your Appliance. Optional filter operators can be sorted in Ascending or Descending order. Choose sort order using the drop-down menu. The default is to display only Source Device, Event Name, Category , User Name, Target User, Action, Status, and Count.
For information on saving the generated report, see Formats for Saving a Generated Report.
Option | Description |
---|---|
Source Device | IP address of the device that sent these log messages |
Event ID | Numeric ID corresponding to the source device |
Event Type | Type of event |
Category | The category of the event |
Event Response | Response to the event |
Status ID | The ID of the status |
Severity ID | The severity ID |
Severity Name | The name of the severity code associated with the event |
User Name | Name of the user who is making the inquiry |
Target User | User for whom the inquiry is being made |
Target Group | Group for who the inquiry is being made |
Threat Name | Name of the threat |
Source IP | IP address from which the attack originated |
Destination IP | IP address that was targeted |
Destination Host | Host that was targeted |
Analyzer Name | Name of the analyzer |
Analyzer Version | The version of the analyzer |
Data Version | The version of the data associated with the event |
Action | An action associated with the entry type |
Status | Status of the connection |
Count | Number of attacks. |
Copyright © Cloud Software Group, Inc. All rights reserved.