Network sensors are responsible for generating and sending
alarms to the Event Viewer. The Event Viewer host must then receive and display
these alarms for security personnel. To insure the integrity of the network, you
must understand how to view and manage the alarms, while also understanding the
significance of each generated alarm. The Event Viewer provides a GUI interface
to assist you with the display and management of your alarm data.
|
Note |
This section describes and details the Event Viewer included
with CSPM. |
The Event Viewer is a GUI application used
to display each alarm and its critical information, as well as provide status
information generated by the sensor daemons. A single intrusion on your network
can generate a large number of alarms, which can quickly fill the Event Viewer
screen. If multiple sensors are installed on the network each sensor can detect
the same intrusion, resulting in multiple alarms for a single attack. Your
competence and efficiency with the Event Viewer will enable you to disseminate
the information received and respond to intrusions in a timely fashion, without
being overwhelmed. To assist you in building a thorough understanding of the
Event Viewer, this section discusses the following topics:
Sections
Comments (0 posted)
Syndication
