Intrusion Prevention Reports
From Edge Threat Management Wiki - Arista
Jump to navigationJump to search
The Reports tab provides a view of all reports and events for all traffic handled by Intrusion Prevention.
Reports
This applications reports can be accessed via the Reports tab at the top or the Reports tab within the settings. All pre-defined reports will be listed along with any custom reports that have been created.
Reports can be searched and further defined using the time selectors and the Conditions window at the bottom of the page. The data used in the report can be obtained on the Current Data window on the right.
Pre-defined report queries:
| Report Entry | Description |
|---|---|
| Intrusion Prevention Summary | A summary of intrusion detection and prevention actions. |
| Intrusion Detection (all) | The amount of detected and blocked intrusions over time. |
| Intrusion Detection (logged) | The amount of detected intrusions over time. |
| Intrusion Detection (blocked) | The amount of blocked intrusions over time. |
| Top Rules (all) | The number of intrusions detevted by rule. |
| Top Rules (logged) | The number of intrusions logged by rule. |
| Top Rules (blocked) | The number of intrusions blocked by rule. |
| Top Signatures (all) | The number of intrusions detected by signature. |
| Top Signatures (logged) | The number of intrusions logged by signature. |
| Top Signatures (blocked) | The number of intrusions blocked by signature. |
| Top Classtypes (all) | The number of intrusions detected by classtype. |
| Top Classtypes (logged) | The number of intrusions logged by classtype. |
| Top Classtypes (blocked) | The number of intrusions blocked by classtype. |
| Top Categories (all) | The number of intrusions detected by category. |
| Top Categories (logged) | The number of intrusions logged by category. |
| Top Categories (blocked) | The number of intrusions blocked by category. |
| Top Source IP Addresses (all) | The number of intrusions detected by source IP address. |
| Top Source IP Addresses (logged) | The number of intrusions logged by source IP address. |
| Top Source IP Addresses (blocked) | The number of intrusions blocked by source IP address. |
| Top Source Ports (all) | The number of intrusions detected by source port. |
| Top Source Ports (logged) | The number of intrusions logged by source port. |
| Top Source Ports (blocked) | The number of intrusions blocked by source port. |
| Top Destination IP Addresses (all) | The number of intrusions detected by destination IP address. |
| Top Destination IP Addresses (logged) | The number of intrusions logged by destination IP address. |
| Top Destination IP Addresses (blocked) | The number of intrusions blocked by destination IP address. |
| Top Destination Ports (all) | The number of intrusions detected by destination port. |
| Top Destination Ports (logged) | The number of intrusions logged by destination port. |
| Top Destination Ports (blocked) | The number of intrusions blocked by destination port. |
| Top Protocols (all) | The number of intrusions detected by protocol. |
| Top Protocols (logged) | The number of intrusions logged by protocol. |
| Top Protocols (blocked) | The number of intrusions blocked by protocol. |
| All Events | All sessions scanned by Intrusion Prevention. |
| Logged Events | All sessions matching Intrusion Prevention signatures and logged. |
| Blocked Events | All sessions matching Intrusion Prevention signatures and blocked. |
The tables queried to render these reports:
Related Topics
