
Table Of Contents

ABOUT THIS GUIDE
Technical Documentation
Contacting Customer Support
1 ABOUT STRM
•Logging In to STRM
Network Surveillance Interface
Investigating IP Addresses
2 USING THE DASHBOARD
About the Dashboard
•Network Surveillance
Network Surveillance
•Most Severe and Most Recent Offenses
•My Offenses
•New Offenses Over Time
Most Severe and Most Recent Offenses
My Offenses
New Offenses Over Time
•Events Over Time
•Events By Severity
Enterprise Security State
Enterprise Vulnerability State
System Notifications
3 MANAGING YOUR NETWORK ACTIVITY
•Using the Network Surveillance Interface
•About the Network Surveillance Interface
Displaying Traffic Based on Views
The Network Surveillance interface appears
•Creating a Bookmark
•Managing Bookmarks
Creating a Bookmark
Managing Bookmarks
Viewing Network Activity
•Interpreting the Graphs
Investigating Traffic Using TopN
•Viewing the TopN Information
Viewing the TopN Information
4 MANAGING SENTRIES
Behavior
Anomaly
Security/Policy
Threshold
Custom
Creating a Behavior Sentry
Creating an Anomaly Sentry
Creating a Threshold Sentry
To create a threshold sentry:
Creating a Custom Sentry
•Viewing Offenses
•Showing Hidden Offenses
Hiding Offenses
Showing Hidden Offenses
Closing an Offense
Closing Listed Offenses
Assigning Offenses to Users
Viewing Offense By Category
Managing Offenses By Attacker
•Viewing Offenses by Attacker
Viewing Offenses by Attacker
Managing Offenses By Targets
•Viewing Offenses By Targets
Viewing Offenses By Targets
To view offenses by targets:
Managing Offenses By Networks
•Viewing Offenses By Networks
Viewing Offenses By Networks
To view offenses by networks:
Marking an Item For Follow-Up
To mark an item for follow-up:
Sending E-mail Notification
Managing Network Anomalies
Viewing Network Anomaly Offenses
To view network anomaly offenses:
Closing Network Anomaly Offenses
•Closing a Network Anomaly Offense
Closing a Network Anomaly Offense
To close a network anomaly offense:
Closing All Offenses
Forwarding Network Anomaly Offenses
To forward a network anomaly offense:
6 INVESTIGATING EVENTS
Using the Events Interface
•Using the Toolbar
Using the Right-Click Menu Options
•Viewing Streaming Events
Viewing Normalized Events
To view normalized events:
Using the Search Feature
•Searching Events
Managing Search Results
•Viewing Managed Search Results
Viewing Managed Search Results
Saving Search Results
Canceling a Search
Deleting a Search
Managing Event Search Groups
•Creating a New Group
Viewing Event Search Groups
To view event search groups:
Creating a New Group
Editing a Group
Copying a Saved Search to Another Group
To copy a saved search to another group:
Removing a Saved Search from a Group
To remove a saved search from a group:
Removing a Group
Viewing Associated Offenses
Modifying Event Mapping
Using Custom Event Properties
•Creating a Custom Event Property
•Copying a Custom Event Property
Creating a Custom Event Property
To create a custom event property:
Tuning False Positives
7 INVESTIGATING FLOWS
Using the Flows Interface
The right-click menu options are:
•Viewing Streaming Flows
Viewing Normalized Flows
Using the Search Feature
Managing Flow Search Groups
•Viewing Flow Search Groups
Viewing Flow Search Groups
To view flow search groups:
8 MANAGING ASSETS
•Searching Asset Profiles
Searching Asset Profiles
Adding an Asset Profile
•Deleting an Asset
Importing Asset Profiles
9 MANAGING REPORTS
Using the Reports Interface
•Using the Navigation Menu
Using the Navigation Menu
Viewing Generated Reports
Creating Report Templates
•Creating a Report Template
Creating a Report Template
To create a report template:
Event/Logs
Flows
Time Series
Additional Details
Top Attackers
Top Offenses
Top Targeted Assets
TopN Time Series
Grouping Reports and Templates
•Creating a Group
To remove a report template from a group:
Delete a Generated Report
To delete a generated report:
Using Default Report Templates
Duplicating a Report Template
To duplicate a report template:
Sharing a Report Template
10 USING TNC RECOMMENDATIONS
•Configuring TNC Recommendations
Configuring TNC Recommendations
To configure TNC recommendations:
Removing TNC Recommendations
A GLOSSARY
INDEX
Users Strm
Published by daricoaix
Published by: daricoaix on Apr 05, 2012
Copyright: Attribution Non-commercial