Reports

ArcSight 3.0 includes the following standard reports that are usable as provided, or can
be used as templates for custom reports.

Report By Event Name Top 10 Events Chart

Report By Event Name Attacker Counts by Event Name
Report By Event Name Event Name Counts
Report By Event Name Events From an Attacker by Event Name
Report By Event Name Events for a Target by Event Name
Report By Event Name Target Counts by Event Name
Report By Event Name Hourly Distribution Chart for Event
Report Symantec Intruder Alert Reports ITA - Top 10 Events
Report Symantec Intruder Alert Reports ITA - Top 10 Triggered Rules
Report By Attacker Top 10 Attackers Chart
Report By Attacker Events by Attacker (Detailed)
Report By Attacker Hourly Distribution Chart for a Attacker
Report By Attacker Target Counts by Attacker
Report By Attacker Events by Attacker Asset Group (Summary)
Report By Attacker Events by Attacker (Summary)
Report By Attacker Events by Attacker Asset Group (Detailed)
Report Check Point Firewall Reports FireWall-1 - Top 20 Connections by Address - Pie
Report Check Point Firewall Reports FireWall-1 - Top 20 Bandwidth Users
Report Check Point Firewall Reports FireWall-1 - Top Requested URL-FTP Targets
Report Check Point Firewall Reports FireWall-1 - Bandwidth Usage by Address
Report Check Point Firewall Reports FireWall-1 - Outbound Telnet Traffic
Report Check Point Firewall Reports FireWall-1 - Inbound FTP Traffic
Report By Target Events From an Attacker by Target
Report By Target Hourly Distribution Chart for a Target
Report By Target Top 10 Targets Chart
Report System Reports Event Count by Severity
Report System Reports Total Event Count
Report System Reports Events By Attack Model
Report Check Point Firewall Reports FireWall-1 - Inbound Telnet Traffic
Report Check Point Firewall Reports FireWall-1 - Denied Inbound Traffic By Address
Report Check Point Firewall Reports FireWall-1 - Top 20 Bandwidth Ports
Report Check Point Firewall Reports FireWall-1 - Outbound FTP Traffic
Report Check Point Firewall Reports FireWall-1 - Outbound HTTP Traffic
Report Check Point Firewall Reports FireWall-1 - Inbound HTTP Traffic
Report Inbound Top 10 Inbound Attacks
Report Inbound Top 10 Inbound Events
Report Address by Active List Targets in Scanned List
Report Address by Active List Attackers in Suspicious List
Report Address by Active List Attackers in Trusted List
Report Address by Active List Targets in Compromised List
Report Address by Active List Attackers in Reconnaissance List
Report Address by Active List Targets in Hit List
Report Address by Active List Attackers in Hostile List
Report Address by Active List Attackers in Untrusted List
Report Address by Active List Attackers in Compromised List

ArcSight Confidential 10/27/2005 Page 31

Report Intrusion Inc. Reports Intrusion Inc. - Top 10 Target Chart Report
Report Intrusion Inc. Reports Intrusion Inc. - Alarms By Attacker
Report Intrusion Inc. Reports Intrusion Inc. - Top 10 Priority by Day Stack Chart
Report Intrusion Inc. Reports Intrusion Inc. - Alarm Report
Report Intrusion Inc. Reports Intrusion Inc. - Top 10 Attacker-Target Pairs of Alarms
Report Intrusion Inc. Reports Intrusion Inc. - Alarm Target Report
Report Intrusion Inc. Reports Intrusion Inc. - Top 10 Attacker Chart Report
Report Intrusion Inc. Reports Intrusion Inc. - Top 10 Alarm Chart Report
Report Asset Reports All Assets
Report Asset Reports All Exposed Vulnerabilities
Report Asset Reports Vulnerabilities of Assets in North America
Report Events by Active List Events by Attackers in Suspicious List
Report Events by Active List Events by Targets in Compromised List
Report Events by Active List Events by Attackers in Reconnaissance List
Report Events by Active List Events by Targets in Hit List
Report Events by Active List Events by Attackers in Trusted List
Report Events by Active List Events by Attackers in Untrusted List
Report Events by Active List Events by Attackers in Hostile List
Report Events by Active List Events by Targets in Scanned List
Report Case Reports Case Stage Counts
Report Case Reports Operational Impact Chart
Report Case Reports All Cases
Report Case Reports Case Chart
Report Case Reports Today's Cases
Report ISS RealSecure Reports ISS RealSecure - Alarm Target Report
Report ISS RealSecure Reports ISS RealSecure - Top 10 Attacker-Target Pairs of Alarms
Report ISS RealSecure Reports ISS RealSecure - Top 10 Target Chart Report
Report ISS RealSecure Reports ISS RealSecure - Alarm Report
Report ISS RealSecure Reports ISS RealSecure - Alarms By Attacker
Report ISS RealSecure Reports ISS RealSecure - Top 10 Alarm Chart Report
Report ISS RealSecure Reports ISS RealSecure - Top 10 Attacker Chart Report
Report ISS RealSecure Reports ISS RealSecure - Top 10 Priority by Day Stack Chart
Hourly Stacked Chart by ArcSight Priority (Stacked Bar
Report Report Layout Examples Chart)
Report Report Layout Examples Hourly Event Counts (Area Chart)
Report Report Layout Examples Top 10 Targets (3D Pie Chart)
Report Report Layout Examples Top 10 Targets (Inverted Bar Chart)
Report Report Layout Examples Top 10 Targets (Table and Chart)
Report Report Layout Examples Hourly Chart by ArcSight Priority (3D Stacked Bar Chart)
Report Report Layout Examples Top 10 Targets (3D Bar Chart)
Report Report Layout Examples Top 10 Targets (Pie Chart)
Report Report Layout Examples Hourly Event Counts (Line Chart)
Report Report Layout Examples Top 10 Targets (Bar Chart)
Report Report Layout Examples Top 10 Targets (Table)
Report By Device Attacker Counts by Device
Report By Device Events From an Attacker by Device
Report By Device Events by Device (Summary)
Report By Device Events by Device (Details)
Report By Device Events for a Target by Device
Report By Device Hourly Distribution Chart for a Device
Report By Device Top Events Chart From a Device

ArcSight Confidential 10/27/2005 Page 32

Report By Device Top Active Device Chart
Report By Device Target Counts by Device
Report Outbound Outbound Attacks (Possible Compromise)
Report Outbound Top 10 Outbound Events
Report PIX Firewall Reports PIX Firewall - Denied Traffic by Address
Report PIX Firewall Reports PIX Firewall - Bandwidth Usage per Hour
Report PIX Firewall Reports PIX Firewall - Email Traffic
Report PIX Firewall Reports PIX Firewall - Outbound Telnet Traffic
Report PIX Firewall Reports PIX Firewall - Accepted Traffic by Address
Report PIX Firewall Reports PIX Firewall - Outbound HTTP Traffic
Report PIX Firewall Reports PIX Firewall - Top 10 Targets
Report PIX Firewall Reports PIX Firewall - Inbound HTTP Traffic
Report Bottom 10 Bottom 10 Attack Sources
Report Bottom 10 Bottom 10 Targets
Report Bottom 10 Bottom 10 Attacked Targets
Report Bottom 10 Bottom 10 Attackers
Report Bottom 10 Bottom 10 Events
Report Bottom 10 Bottom 10 Attacks
Report By Priority ArcSight Priority Pie Chart
Report By Priority Events From an Attacker by ArcSight Priority
Report By Priority Attacker Counts by ArcSight Priority
Report By Priority Events by ArcSight Priority (Detailed)
Report By Priority Events for a Target by ArcSight Priority
Report By Priority Events by ArcSight Priority (Summary)
Report By Priority Target Counts by ArcSight Priority
Report Licensing Reports Event Count Licensing Report
Report Licensing Reports Agent Licensing Report
Report Licensing Reports Device Licensing Report
Report Licensing Reports User Licensing Report
Report Licensing Reports Console Licensing Report
Report Notification Reports Notifications By Acknowledgement Status
Report Notification Reports Notification Status Report
Report Notification Reports Notification Action Events
Report Internal Reports Resource Created Report
Report Internal Reports Rules Engine Warning Messages
Report Internal Reports Resource Updated Report
Report Internal Reports Fired Rule Events
Report Internal Reports Resource Deleted Report
Report Internal Reports User Login Logout Report
Report Internal Reports Resource History Report
Report Cisco Router Reports Cisco Router - Top 10 Denied Target Addresses
Report Cisco Router Reports Cisco Router - Packets per Hour
Report Cisco Router Reports Cisco Router - Permitted Packets by Address
Report Cisco Router Reports Cisco Router - Telnet Traffic
Report Cisco Router Reports Cisco Router - HTTP Traffic
Report Cisco Router Reports Cisco Router - FTP Traffic
Report Cisco Router Reports Cisco Router - Top 10 Permitted Target Addresses
Report Cisco Router Reports Cisco Router - Email Traffic
Report Cisco Router Reports Cisco Router - Packets per Address
Report Cisco Router Reports Cisco Router - Top 10 Denied Attacker Addresses

ArcSight Confidential 10/27/2005 Page 33

Report Cisco Router Reports Cisco Router - Top 10 Targets
Report Cisco Router Reports Cisco Router - Top 10 Permitted Attacker Addresses
Report Cisco Router Reports Cisco Router - Packets per Port
Report PIX Firewall Reports PIX Firewall - Bandwidth Usage by Address
Report PIX Firewall Reports PIX Firewall - Outbound Email Traffic
Report PIX Firewall Reports PIX Firewall - HTTP Traffic
Report PIX Firewall Reports PIX Firewall - Inbound Telnet Traffic
Report PIX Firewall Reports PIX Firewall - Bandwidth Usage by Port
Report PIX Firewall Reports PIX Firewall - Telnet Traffic
Report PIX Firewall Reports PIX Firewall - Inbound Email Traffic
Report PIX Firewall Reports PIX Firewall - FTP Traffic
Report PIX Firewall Reports PIX Firewall - Inbound FTP Traffic
Report Asset Reports All Vulnerabilities in Email and Web Server Assets
Report Asset Reports Top 10 Windows Assets Vulnerabilities
Report Asset Reports 10 Most Vulnerable Assets in Confidential Data Group
Report Asset Reports All Revenue Generating Assets
Report By Agent Type Attacker Counts by Agent Type
Report By Agent Type Events by Agent Type (Summary)
Report By Agent Type Events by Selected Agent Type
Report By Agent Type Events From an Attacker by Agent Type
Report By Agent Type Events for a Target by Agent Type
Report By Agent Type Events by Agent Type (Details)
Report By Agent Type Top Agent Types Chart
Report By Agent Type Event Distribution Chart for an Agent Type
Report By Agent Type Target Counts by Agent Type
Report By Attacker Port Events From an Attacker by Attacker Port
Report By Attacker Port Events for a Target by Attacker Port
Report By Attacker Port Top Attacker Ports Chart
Report By Attacker Port Attacker Counts by Attacker Port
Report By Attacker Port Target Counts by Attacker Port
Report By Attacker Port Events by Attacker Port (Details)
Report By Attacker Port Attacker Port Counts
Report By Attacker Port Hourly Distribution Chart for an Attacker Port
Report By Attacker Port Events by Attacker Port (Summary)
Report Events by Canned Asset Groups All Events targeting Email and Web Servers
Report Events by Canned Asset Groups Top 10 Attack Signatures targeting Windows Assets
Report Events by Canned Asset Groups All Events generated from Firewalls and NIDS Assets
All Events generated from Web Servers targeting
Report Events by Canned Asset Groups Confidential Data
Report Events by Canned Asset Groups Top 10 Attacked Assets in North America
Report Vulnerable Assets Exposed Vulnerabilities by Asset
Report Vulnerable Assets Exposed Vulnerability Count by Asset
Report Vulnerable Assets Top 10 Assets by Exposed Vulnerability Counts
Report Vulnerable Assets Blaster Vulnerable Hosts
Report Vulnerable Assets Top 10 Exposed Vulnerabilities by Asset Counts
Report Top 10 Top 10 Events
Report Top 10 Top 10 Attack Sources
Report Top 10 Top 10 Attackers
Report Top 10 Top 10 Attacked Targets
Report Top 10 Top 10 Attacks
Report Top 10 Top 10 Targets

ArcSight Confidential 10/27/2005 Page 34

Report Custom Reports Moving Average Report
Report Custom Reports Vulnerabilities of an Asset
Report Custom Reports Assets having Vulnerability
Report Custom Reports Security Intelligence Status Report
Report PIX Firewall Reports PIX Firewall - Outbound FTP Traffic
Report PIX Firewall Reports PIX Firewall - Denied Traffic by Port
Report PIX Firewall Reports PIX Firewall - Priority Summary Chart
Report PIX Firewall Reports PIX Firewall - Denied Connection per Hour
Report By Target Port Events by Target Port (Details)
Report By Target Port Attacker Counts by Target Port
Report By Target Port Events From an Attacker by Target Port
Report By Target Port Top Target Ports Chart
Report By Target Port Hourly Distribution Chart for a Target Port
Report By Target Port Events for a Target by Target Port
Report By Target Port Events by Target Port (Summary)
Report By Target Port Target Counts by Target Port
Report By Target Port Target Port Counts
Report System Reports Events Between an Attacker Target Pair
Report System Reports Events By Priority
Report System Reports Event Count by Attacker Target Pairs
Report System Reports Agent Severity Hourly Stacked Chart
Report System Reports Trend Chart for a specific Event
Report System Reports Events During a Day (Summary)
Report System Reports Events During a Day (Detailed)
Report System Reports Hourly Event Counts Line Chart
Report Check Point Firewall Reports FireWall-1 - Top 10 Requested URL-FTP Targets
Report Check Point Firewall Reports FireWall-1 - Bandwidth Usage per Hour
Report Check Point Firewall Reports FireWall-1 - URL-FTP Requests by Local Address
Report Check Point Firewall Reports FireWall-1 - Inbound Email Traffic
Report Check Point Firewall Reports FireWall-1 - Bandwidth Usage by Port
Report Check Point Firewall Reports FireWall-1 - Outbound Email Traffic
Report Check Point Firewall Reports FireWall-1 - Top 20 Connections by Address
Report Check Point Firewall Reports FireWall-1 - URL-FTP Requests by Foreign Address
Report By Target Events by Target Asset Group (Summary)
Report By Target Events by Target (Summary)
Report By Target Target Counts
Report By Target Attacker Counts By Target
Report By Target Events by Target (Detailed)
Report By Target Events by Target Asset Group (Detailed)
Report Symantec Intruder Alert Reports ITA - Top 10 Triggered Policies
Report Symantec Intruder Alert Reports ITA - Detailed Event Report
Report By Event Name Event Details

ArcSight Confidential 10/27/2005 Page 35