INCIDENTS
-
Navigate to Incidents under Monitor in the left navigation pane
-
The Incidents page displays information of all threats and attacks
-
Click on the incident to view more information
-
The tabs - Incident Details, Protection Actions and Extended Properties - provide information about the incident
-
The incident can also be added as an exception (if such incidents are not desired), acknowledged, archived OR exported in Microsoft Excel and PDF formats
-
-
Select all the required incidents, expand ACKNOWLEDGED
-
Acknowledge only the selected incidents or all the listed incidents
-
Once acknowledged, the incident will not be displayed on the page
-
-
Select all the required incidents, expand ARCHIVE
-
Archive only the selected incidents or all the listed incidents
-
-
Each Incident ID depicts the below information
-
The severity depicts whether the entry is an attack (red), a threat (orange) or a notification (blue)
-
A basic or an advanced search can be performed on the displayed incidents
-
Incidents can also be filtered based on the criteria depicted below
-
All the Timestamp values can be viewed in one of the three time zones – UTC Time, Host (Probe) Time and Local (browser) Time
-
To set the time zone, click Incident Settings
-
Select the required time zone
-
Click APPLY
-
The time zone is configurable for each CMS user. Once selected, the time values are displayed in same time zone until modified
-
By default, Local Time is set as the time zone for each newly created CMS user
-