Monitor Activity and Create Custom Reports Based on Threat Categories
Threat categories classify different types of threat signatures to help you understand and draw connections between the events that threat signatures detect. Threat categories are subsets of the broader threat signature types: spyware, vulnerability, antivirus, and DNS signatures. Threat log entries display the Threat Category for each recorded event.
Filter Threat logs by threat category.
Add the Threat Category column so you can view the Threat Category for each log entry:
To filter based on Threat Category:
Use the log query builder to add a filter with
Threat Category and in the
enter a Threat Category.
Select the Threat Category of any log entry to add that category to
Filter ACC activity by threat category.
Threat Category as a global filter:
Select the Threat Category to filter all ACC tabs.
Create custom reports based on threat categories to receive information about specific types of threats that the firewall has detected.
as the source for the custom report—in this case, select
either of the two types of database sources: summary databases or detailed logs. Summary database data is condensed to allow a faster response time when generating reports. Reports based on detailed logs take longer to generate but provide an itemized and complete set of data for each log entry.
In the Query Builder, add a report filter with the
and in the Value
field, select a threat category on which to base your report.