Specifications
Port Query
Pending
•
Blank Search Pending
Search for this entry is in the
search queue.
Blank Action Pending
Action for this entry is in the
action queue..
Blank Port Query Pending
Port query for this entry is in
the port query queue..
Date/Time
The date and time when the incident was recorded in the Activity Monitor.
Sender ID
This is a unique identifier associated with the intrusion detection system that detected
the security event.
Sender Name
The name associated with the intrusion detection system that detected the security
event.
Event Category
The event category reported from the intrusion detection system. The following table
lists the default categories.
ASM_ATTACK ASM_COMPROMISE
ASM_INFORMATIONAL ASM_MISUSE
Signature
This is a unique identifier, assigned to this attack by the intrusion detection system.
Threat IP
The IP address of the device that is the source of the threat (not the device on which
the threat was learned).
Threat MAC
The MAC address of the device that was the source of the threat (not the device on
which the threat was learned).
Device/Port
The IP address and port of the device that was the source of the threat.
Rule Name
The name of the action that was taken.
Action
This column describes the action configured for the rule (disable port, Apply Policy,
No Action).
Details
This is brief (human−readable) description of the status for this incident. Refer to the
Icon/Status descriptions for status information.
Last Updated
The timestamp for the previous action. This is the date and time when the last action
was taken for this same event.
Filtered Traps
This is a count of the duplicate traps that were filtered. A trap is considered to be a
duplicate if it has the same Sender ID, Threat Category, and Threat IP Address as an
incident that is already in the Activity Monitor list. The trap is filtered if the incident
Automated Security Manager Help
Automated Security Manager Activity Monitor 91