03-25-2002 10:26 AM - edited 03-08-2019 10:09 PM
I click on Reports\Summary Report Templates\text\Most Active Web Sites and I get the message:
SENSNAT01: No audit event records exist for the most active FTP sites by volume.
Possible causes include no audit events have occurred, Service Statistics
audit event records are not being logged by the selected device for the FTP
network service, the device-specific log settings for the selected devices
are not set to generate debug-level syslog messages, or your security
policies do not allow FTP site access through the selected devices.
How do I set up my IDSM to generate reports? Thanks in advance!
03-25-2002 02:02 PM
That specific report is only useable when monitoring the syslogs from routers and firewalls.
You want to use the IDS reports when monitoring the IDSM or Appliance Sensors:
Step 3 Click the report type that you want to generate and follow the instructions on the form to specify how to filter events in that report.
The following reports and filtering options are available under IDS Reports (HTML):
Intrusion Detection Summary ReportFilterable by Date/Time, Organization, Source Direction, Destination Direction, Signature or Signature Category, and
Alarm Level.
Top Sources of Alarms ReportFilterable by Date/Time, Top n, Destination Direction, Destination Address, Signature or Signature Category, Sensor, and
Alarm Level.
Top Destinations of Alarms ReportFilterable by Date/Time, Top n, Source Direction, Source Address, Signature or Signature Category, Sensor, and Alarm
Level.
Top Alarms ReportFilterable by Date/Time, Top n, Source Direction, Destination Direction, Source Address, Destination Address, Signature or Signature
Category, Sensor, Alarm Level, and Signature or Signature Category.
Top Source/Destination Pairs of Alarms ReportFilterable by Date/Time, Top n, Signature or Signature Category, Sensor, Alarm Level, Source Direction,
Destination Direction, Source Address, and Destination Address.
Alarm Source ReportFilterable by Date/Time, Destination Direction, Destination Address, Signature or Signature Category, Sensor, Alarm Level, Alarm
Count, Source Direction, and Source Address.
Alarm Destination ReportFilterable by Date/Time, Source Direction, Source Address, Signature or Signature Category, Sensor, Alarm Level, Alarm Count,
Destination Direction, and Destination Address.
Alarm ReportFilterable by Date/Time, Source Direction, Destination Direction, Source Address, Destination Address, Sensor, Alarm Level, Alarm Count,
and Signature or Signature Category.
Alarm Source/Destination Pair ReportFilterable by Date/Time, Signature or Signature Category, Sensor, Alarm Level, Alarm Count, Source Direction,
Destination Direction, Source Address, and Destination Address.
Alarms by Hour ReportFilterable by Date/Time, Source Direction, Destination Direction, Source Address, Destination Address, Signature or Signature
Category, Sensor, Alarm Level, and Alarm Count.
Alarms by Day ReportFilterable by Date/Time, Source Direction, Destination Direction, Source Address, Destination Address, Signature or Signature
Category, Sensor, Alarm Level, and Alarm Count.
Alarms by Sensor ReportFilterable by Date/Time, Source Direction, Destination Direction, Source Address, Destination Address, Signature or Signature
Category, Sensor, Alarm Level, and Alarm Count.
Sensor Alarm Correlation ReportFilterable by Date/Time, Source Direction, Destination Direction, Source Address, Destination Address, Signature or
Signature Category, Sensor, Alarm Level, and Alarm Count.
03-26-2002 12:10 AM
Is there a way to automate report's generation ?
A+
03-26-2002 05:39 AM
I too would like to see away to automate the IDS reports.
03-26-2002 06:33 AM
Currently, there is no way to automate/schedule reports. It's one of the big shortcomings of the current 2.x version.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide