Filtering events

Use the Filter check box in the Network IPS Local Management Interface to view events according to options such as severity, event name, or IP version.

About this task

This task applies to security events, user-defined events, connection events, and response filters.

Procedure

  1. Select the Filter check box.
  2. Click the word Filter.
  3. In the Configure Filters area, set the appropriate filter for your needs. Filters include but are not limited to the following options:
    • Regular expressions (not case-sensitive)
    • Protection domain
    • Severity
    • Protocol
    • Display
    • Block
    • Log evidence
    • XPU
    • Throttling
    • Default protection
    • Event name
    • VLan
    • ICMP type/code
    • IP version
    • Source and target addresses
  4. Click OK.