Reports Overview
Reports are collected together in organizational Categories according to their general application area. For example, the "Security" category contains reports that are aimed at detecting and characterizing security threats and policy violations, while the "Inventory" reports are aimed at listing the various hosts and devices in your network. Each Report is assembled from one or more customizable Sections. For example, a report showing a traffic breakdown for the main web and email servers might appear under the "Services" category:
- category: Services
- report: Critical Services
- section 1: Web Servers
- section 2: Mail Servers
- report: Critical Services
Working with existing reports
Traffic Sentinel includes a number of pre-defined reports. These can be run interactively, or scheduled to run periodically. The results can then be viewed in HTML or PDF format.
Assembling new reports
Traffic Sentinel allows new reports to be created and assembled by copying and customizing sections from the library of existing reports. Some report sections are highly customizable so they can be used over and over to report on specific protocols and services in your network. For example, the "Critical Services" report shown above could be assembled by reusing the existing report section:
- category: Services
- report: Clients and Servers
- section 1: Servers
- report: Clients and Servers
twice. First with the protocol filter set to TCP:80,TCP:443 to create the "Web Servers" section, and then again with the protocol filter set to TCP:25 to create the "Mail Servers" section.