1. Navigate to Incidents under Monitor in the left navigation pane

    Picture 311

  2. The Incidents page displays information of all threats and attacks

    Picture 211

  3. Click on the incident to view more information

    Picture 211

    1. The tabs - Incident Details, Protection Actions and Extended Properties - provide information about the incident

      Picture 216

    2. The incident can also be added as an exception (if such incidents are not desired), acknowledged, archived OR exported in Microsoft Excel and PDF formats

      Picture 216

  4. Select all the required incidents, expand ACKNOWLEDGED

    1. Acknowledge only the selected incidents or all the listed incidents

      Picture 216

    2. Once acknowledged, the incident is displayed with a green indicator

  5. Select all the required incidents, expand ARCHIVE

    1. Archive only the selected incidents or all the listed incidents

      Picture 353

    2. Incidents are auto-archived after a maximum count of 500K is reached

  6. Each Incident ID depicts the below information

    Picture 1073742083

  7. The severity depicts whether the entry is an attack (red), a threat (orange) or a notification (blue)

    Picture 376

  8. A basic or an advanced search can be performed on the displayed incidents

    Picture 1073742084

  9. Incidents can also be filtered based on the criteria depicted below

    Picture 1073742326

  10. All the Timestamp values can be viewed in one of the three time zones – UTC Time, Host (Probe) Time and Local (browser) Time

    1. To set the time zone, click Incident Settings

      Picture 1073742325

    2. Select the required time zone

      Picture 1073742324

    3. Click APPLY

      Picture 1073742323

    4. The time zone is configurable for each CMS user. Once selected, the time values are displayed in same time zone until modified

    5. By default, Local Time is set as the time zone for each newly created CMS user