The eventAny traffic or data exchange detected by AlienVault products through a Sensor, or through external devices such as a firewall. details page provides in-depth information on events.
To view the details of an event
- Navigate to ACTIVITY > EVENTS.
- Click the event to display its details.
Click the star symbol to the left of an item to mark it as a bookmark for quick access. Clicking the Star icon () on the secondary menu shows the bookmarked items and a link to them.
The Event Details page includes event management functions that are supported for your assigned user roleTasks and responsibilities based on job description and position within an organization. A user's role is often used to define access to functionality and privileges to perform specific tasks and operations.
- Select Action, see Applying Actions to Events for more information.
- Create Rule, see Creating Rules from Events for more information.
- Suppress Event. You can suppress the specific event you are displaying. See Suppressing/Unsuppressing Events for further information.
You can see the event details, then the source, the destination, the payloadContents of the application layer of a packet triggering the security event., and the log. The chevron icon () located next to the Source and Destination fields allows you to access to several options, see Asset List View. In addition you have these 2 options
- Add to current filter. This option allows you to add the asset to the selected filters.
- Add asset to system. Use this option to create the asset, see Adding Assets.