Documentation Center
AlienVault® USM Anywhere™

Viewing Event Details

Role Availability Read-Only Analyst Manager

The eventAny traffic or data exchange detected by AlienVault products through a Sensor, or through external devices such as a firewall. details page provides in-depth information on events.

To view the details of an event

  1. Go to Activity > Events.
  2. Click the event to display its details.
  3. Click the icon to bookmark an item for quick access. Clicking the icon on the secondary menu shows the bookmarked items and provides links to them.

    The Event Details page includes event management functions that are supported for your assigned user roleTasks and responsibilities based on job description and position within an organization. A user's role is often used to define access to functionality and privileges to perform specific tasks and operations.:

    You can see the event details, then the source, the destination, the payloadContents of the application layer of a packet triggering the security event., and the log. The icon located next to the Source and Destination fields enables you the access to several options. See Asset List View. In addition, you have these two options:

    • Add to current filter: This option enables you to add the asset to the selected filters.
    • Add asset to system: Use this option to create the asset, see Adding Assets.

    Note: The value in the FQDN field comes from the event itself (raw log). This field can have a real FQDN, an IP address, or be empty.

  4. In the upper right corner, click the previous and next buttons to navigate between items.
  5. Click the icon to close the dialog box.