STRM Users Guide
INVESTIGATING OFFENSES
Last Events
Specifies the date and time that this event was detected for this
category in this offense.
Top 5 Targets
Specifies the top 5 local targets, organized by magnitude, which
are part of this offense. If no local targets exist for this offense,
no link appears. Click Targets to view additional information.
IP/DNS Name
Specifies the IP address or DNS name of the asset.
Magnitude
Specifies the relative importance of the target. The magnitude
bar provides a visual representation of all the correlated
variables of the target. Variables include the vulnerability
assessment risk and threat under:
• Vulnerability Risk - The vulnerability assessment risk level
(0 to 10) for the asset, where 0 is the lowest and 10 is the
highest. This is a weighted value against all other hosts in
your deployment.
• Threat Under - The value applied to the threat a target is
under over time. This is calculated based on the average
weighted value of the threat under over time.
Point your mouse to the magnitude bar to display values and the
calculated magnitude.
Vulnerable
Specifies if this target is known to be vulnerable to this offense. If
this target is vulnerable, this field indicates Yes. Otherwise, this
field indicates Unknown.
Chained
Specifies if this target has attacked since the offense was first
detected. If this target has attacked, the term Yes appears. Click
Yes to view the attacker summary for the IP address at the time
that IP address became a part of the offense.
User
Specifies the user associated with this target when the IP address
was targeted by this offense.
MAC
Specifies the MAC address of this IP address. If unknown, this
field indicates Unknown.
Location
Specifies the location of this target.
Weight
Specifies the weight of the asset.
Top 10 Events
Specifies the top 10 events, in the last hour, organized by
magnitude, which are part of this offense. Click Events to view
additional information.
Event Name
Specifies a name for this event.
Magnitude
Specifies the relative importance of the offense. The magnitude
bar provides a visual representation of all the correlated
variables of the attacker. Variables include Relevance, Severity,
and Credibility. Point your mouse to the magnitude bar to display
values for the offense and the calculated magnitude.
Device
Specifies the devices that detected this event.
Category
Specifies the category of this event.
Table 5-3 Offense Details Panel (continued)
Columns: Parameter, Description