Select this option if you want to search from the logs database.
Selected Devices
In this section, you can choose the devices for which you want the logs to be searched. There are 2 lists,
By default all the devices are selected and avilable in the Selected Devices list. If you want to change the list of selected devices, select the required devices in the Available devices list and move it to the Selected devices list and vice versa. The selected devices are displayed in this section.
Define Criteria
This section, enables you to search the database for attributes using more than one following criteria's:
Criteria | Description |
---|---|
Protocol | Refers to the list of protocols and protocol identifiers that are available in the Protocol Groups page (Settings > Protocol Groups) Example: 8554/tcp, rtsp, IPSec |
Source | Refers to the source host name or IP address from which requests originated |
Destination | Refers to the destination host name or IP address to which requests were sent |
User | Refers to the authenticated user name required by some firewall's. Example: john, kate |
Virus | Refers to the Virus name. Examples: JS/Exception, W32/Mitglieder |
Attack | Refers to the attack name. Examples: UDP Snort, Ip spoof |
URL | Refers to the URL to be searched |
Rule | Refers to the Rule used |
Category | Refers to the category type |
Application | Refers to the application type |
Src Country | Refers to the source country |
Dst Country | Refers to the destination country |
Click Generate button. On clicking Generate button you will see the search results.
Note: |
|
If the search string exists then the search result will be intelligently displayed based on the report category in which it occurred. The report categories are:
Choose Columns, Save buttons on right top of the screen.
The result of the search is displayed as table with its own columns. You can select the columns for display as per your choice.