Configuration guide, Realtime monitoring, Displaying event snapshots – H3C Technologies H3C SecCenter IPS Manager User Manual
Page 43
37
Configuration guide
From the navigation tree of the IPS management component, select Device Statistics under Device
Management to enter the device statistics page, as shown in
Figure 35 Device statistics
In the Analysis column of the attack protection list or virus protection list, you can click the
icon of a
device to enter the attack/virus event analysis page of the device. For more information, see “
attack/virus/DDoS attack event analysis reports
Realtime monitoring
The realtime monitoring function supports centralized monitoring of security events. It can collect and
report attack events, virus events, and DDoS attack events in real time, and provide the snapshot
information based on IPS devices and events.
Displaying event snapshots
The event snapshot presents the attack protection, virus protection, and DDoS attack protection
information in the last hour, including the time, total number of events, blocked events count, source
addresses, destination addresses, as well as event types. Besides, it provides the Top N lists of attack
events, virus events, DDoS attack events, targets, sources, ports, and protocols, helping you track the
latest security status of the network in an intuitive way.
Configuration guide
From the navigation tree of the IPS management component, select Event Snapshot under Realtime
Monitoring. The Snapshot page appears, as shown in
describes the event snapshot
describes the fields of the event snapshot lists in snapshot, attack protection,
and virus protection tabs.