234 Reporting
About top-level report types
Events by classful
source
This report sorts events by their source IP addresses and presents
a count of the number of addresses that are from class A, class B
and class C networks. Specify report start and end dates/times,
and maximum number to display. This report is generated in
table, column and bar chart formats. This report has no
drill-down reports.
Events by protocol
This report lists the number of events detected that exploit each
particular protocol, such as ICMP, UDP, TCP, or IP. You specify the
report start and end dates/times. Symantec Network Security
generates this report in table, bar, column and pie chart formats.
This report has no drill-down reports.
Events by vendor
This report lists the number of events detected per vendor. For
example, signatures detected by Symantec Network Security are
grouped as RCRS events because RCRS is the vendor ID for
Symantec Network Security. You specify the report start and end
dates/times. Symantec Network Security generates this report in
table, bar, column and pie chart formats. This report has no
drill-down reports.
Destinations of
source
This report lists the destination IP address(es) for any event
source IP address you specify, and the number of times each
address was the destination for the source address. You also
specify the report start and end dates/times. This report is
generated in table and bar chart formats. You can generate several
drill-down reports from the Destinations of Source report.
Sources of
destination
This report lists the source IP address(es) for any event
destination IP address you specify, and the number of times each
address was the source for the destination address. Specify the
report start and end dates/times, and destination address. This
report is generated in table and bar chart formats. You can
generate several drill-down reports from the Sources of
Destination report.
Events by VLAN ID
This report lists all events for all VLAN IDs. If the VLAN ID has
not been set up, the report lists any unknown VLAN IDs as
-1
.
You can generate drill-down event types for each VLAN ID, and
further, to the event list.
Events by device
This report lists all events for all devices and interfaces in the
network topology. You can generate drill-down event types by
interface.
Table 9-4
Types of event reports
Type
Description
Summary of Contents for 10521146 - Network Security 7120
Page 1: ...Symantec Network Security Administration Guide...
Page 12: ...12 Contents Index...
Page 14: ...14...
Page 70: ...70...
Page 110: ...110 Populating the topology database Adding nodes and objects...
Page 158: ...158 Responding Managing flow alert rules...
Page 188: ...188...
Page 242: ...242 Reporting Playing recorded traffic...
Page 268: ...268 Managing log files Exporting data...
Page 316: ...316 Advanced configuration Configuring advanced parameters...
Page 318: ...318...
Page 338: ...338 SQL reference Using MySQL tables...
Page 366: ...366 Glossary...
Page 392: ...392 Index...