IDS/IPS Activity Reports
To search for and generate a report on all attack activities from IDS/IPS systems, use the IDS/IPS Activity Real-Time Report.
Menu path:
For this report, you can select to view various options in the generated report for your Appliance. Optional filter operators can be sorted in Ascending or Descending order. Choose sort order using the list. The default is to display only Log Source IP, Source IP, Destination IP, Destination Port, Signature, and Count.
For information on saving the generated report, see Formats for Saving a Generated Report.
| Option | Description |
|---|---|
| Log Source IP | IP address of the device that sent these log messages |
| Source IP | IP address from which the attack originated |
| Source Port | Port from which the attack originated |
| Destination IP | IP address that was targeted |
| Destination Port | Port that was targeted |
| Action | Response of the intrusion prevention system (IPS) when it detects an attack reported by the IDS/IPS |
| Signature ID | Rule or numeric ID for the event |
| Protocol | Protocol of the destination device |
| Signature | Identifier from IDS/IPS for an event |
| Sensor | Device that sends events to a collector analysis system |
| Sensor IP | IP address of the device that detected the event |
| Classification | Type of attack |
| Priority | Priority level of the attack |
| Count | Number of attacks. |
Copyright © 2020. Cloud Software Group, Inc. All Rights Reserved.