The Filter options at the top of the screen control the Interval, Class Type and SID of the alerts used to construct the host table.
This table shows the network hosts ranked by the number of security events that they have triggered.
- Status the status box indicates the severity of the event
(Inform
,
Warn ,
Severe ). - Address, the address of the host that triggered the rule.
- Name, the name of the host voilating the rule. Note: Names are only provided for local hosts.
- SID, the rule number associated with the event.
- Class Type, the threat type associated with the rule.
- Events, the number of security events triggered by this host.
Click on an entry to find out additional information about the host, including the switch and port connecting it to the network.