Events
Threat Prevention lists all triggered events in chronological order. You can view the details of each event under Events and further change the corresponding policies and signature actions to suit your needs.
To view the details of an event:
- Go to Events and find your target event from the list to the left.
- Click on the event and find the detailed information in the window to the right.
To change the policy of an event:
- Go to Events and find your target event from the list to the left.
- Click on the event and click Add Policy.
- Change the Action form the drop-down menu (Alert/Drop/Do nothing) and the Source/Destination IPs to set the conditions for future matches. You can also add notes to the Comment box for future management.
- Click OK to save changes.
Note:
- Even if changers were only made in the Comment box, the event will still be listed under Self-Defined Policy.
To find specific events:
- Go to Events.
- Enter keywords in the top search bar or click the magnifying glass icon and specify the Source/Destination IP, Date Range, Severity, or Action Taken.
- Click Search to find the matching events.