User guide
Chapter 13: Viewing Alerts and System Information
142
Viewing Alerts
Introduction Use the Alerts page in Proventia Manager to view and manage system- and security-
related alerts. The alerts list contains the following alert types:
● intrusion prevention alerts are related to attempted attacks that occur in the network
● system alerts are related the appliance and its operation
Reference: See “Configuring Alerts” on page 122 for more information about creating
alerts to display in the management console.
How the appliance
saves the alert list
The current list is saved as three comma separated values (.csv) files. The three files are
used to cross-reference the data that appears in the Alerts page. The files are as follows:
Viewing alert
information
To view alert information:
1. Do one of the following:
■ Click the Alerts button.
■ Select one of the following:
Notifications
ÆAlerts
Intrusion Prevention
ÆAlerts
System
ÆAlerts
The Alerts tab displays the following information about each alert:
This file... Contains...
filename_eventdata.csv the distinct records that match the alert record number. This file
also lists the alert name and the risk level.
filename_eventinfo.csv the data listed in the alert specific information section of the alert.
filename_eventresp.csv the data from the responses executed section of the alert.
Table 38: Alert list files
Column Description
Rec.# Record number of the alert.
Risk Level Risk level icon for the alert.
Alert Name The alert name.
Source IP The source IP address of the traffic that caused the alert.
Source Port The source port and port name of the traffic that caused the alert.
Destination IP The destination (or target) IP address of the alert.
Destination Port The destination (or target) port and port name of the alert.
Protocol The alert's protocol and protocol number.
Vuln Status The vulnerability status.
Alert Date & Time The date and time the alert occurred.