The Hosts page lists network hosts ranked by the number of security events that they have triggered.
Topics:
- What are the different columns in the table?
- What do the different colors mean?
- How do I control which events are shown?
- How do I get more detail on a host?
What are the different columns in the table?
The hosts table includes the following columns:
- Status the status box indicates the severity of the event
- Address, the address of the host that triggered the rule.
- Name, the name of the host voilating the rule. Note: Names are only provided for local hosts.
- SID, the rule number associated with the event.
- Class Type, the threat type associated with the rule.
- Events, the number of security events triggered by this host.
What do the different colors mean?
The following colors are used in the Status column:
- Inform An event provided for informational purposes, no action required.
- Warn An event reporting a problem that may require further investigation.
- Severe An event requiring immediate attention.
How do I control which events are shown?
The Filter options at the top of the screen control the Interval, Class Type and SID of the alerts used to construct the host table.
How do I get more detail on a host?
Click on an entry to find out additional information about the host, including the switch and port connecting it to the network.