D-20
User Guide for Cisco Security MARS Local Controller
78-17020-01
Appendix D System Rules and Reports
List of System Reports
This report ranks attack sources by the number of denied connection attempts.
•
Activity: Denies - Top Sources.
Activity: Denies - Top Sources
•
Activity: Host Admin Login Success - All Events.
This report details successful administrative login events to hosts.
•
Activity: Host Admin Login Success - All Events.
This report details successful administrative login events to hosts.
•
Activity: Host Login Failures - All Events.
This report records all host login failure details.
•
Activity: Host Login Failures - All Events.
Activity: Host Login Failures - All Events
•
Activity: Host Login Failures - Top Destinations.
This report ranks hosts by the number of logon failures recorded.
•
Activity: Host Login Failures - Top Destinations.
Activity: Host Login Failures - Top Destinations
•
Activity: Host Login Failures - Top Users.
This report ranks host users by failed login attempts.
•
Activity: Host Login Failures - Top Users.
Activity: Host Login Failures - Top Users
•
Activity: Host Login Success - All Events.
This report details all host login success event details
•
Activity: Host Login Success - All Events.
Activity: Host Login Success - All Events
•
Activity: Host Login Success - Top Host.
This report ranks hosts by successful logins.
•
Activity: Host Login Success - Top Host.
Activity: Host Login Success - Top Host
•
Activity: Host Object Access - All Events.
This report records all Microsoft Windows Object Access events from Windows Event Logs.
•
Activity: Host Object Access - All Events.
Activity: Host Object Access - All Events
•
Activity: Host Privilege Escalation - All Events.
This report provides details for events that represent an user attempting to increase access rights on
a particular host. Such attempts can happen remotely or from the local console and can be reported
by Network or Host IDS devices or the hosts themselves
•
Activity: Host Privilege Escalation - All Events.
This report provides details for events that represent an user attempting to increase access rights on
a particular host. Such attempts can happen remotely or from the local console and can be reported
by Network or Host IDS devices or the hosts themselves
Содержание CS-MARS-20-K9 - Security MARS 20
Страница 20: ...Contents xx User Guide for Cisco Security MARS Local Controller 78 17020 01 ...
Страница 356: ...17 16 User Guide for Cisco Security MARS Local Controller 78 17020 01 Chapter 17 Network Summary Summary Page ...
Страница 420: ...20 28 User Guide for Cisco Security MARS Local Controller 78 17020 01 Chapter 20 Queries and Reports Reports ...
Страница 580: ...Glossary GL 4 User Guide for Cisco Security MARS Local Controller 78 17020 01 ...
