The Filter options at the top of the screen control the Interval and Class Type of the event summaries displayed.
The table summarizes security events by rule Class Type, or if a particular class type is selected, by rule. The status indicates the most severe event within the class/rule during the selected Interval:
- No events associated with this class/rule
- Inform
- Warn
- Severe
Click on a rule class to drill down to individual rules. Click on a rule to see a list of alerts associated with that rule (see Signatures>Alerts).