ESM: Details View

Document created by RSA Information Design and Development on Sep 6, 2017Last modified by RSA Information Design and Development on Dec 4, 2018
Version 14Show Document
  • View in full screen mode
 

The Details view allows you to see details about the Event Source, as well as viewing a sample of the logs identified for each type in order to verify their accuracy.

You can access the Details view in a couple of ways.

  • From the Toolbar, click the View Details button. Or, you can
  • Double-click on the Event Source you selected.

Workflow

This workflow shows the overall process for configuring event sources.

What do you want to do?

                                      
RoleI want to...Documentation
AdministratorView and modify event sources.Managing Event Source Groups
Administrator*Acknowledge and map events sources. Acknowledging and Mapping Event Sources

Administrator

Add and configure parser mappings for a Log Decoder

Manage Parser Mappings

AdministratorView log parser detailsManage Parser Mappings

Administrator

Troubleshoot event source management.

ESM Troubleshooting & Appendix

*You can perform this task here.

Related Topics

Viewing Logs from Pre-11.0 Log Decoder

Quick Look

The following example shows the discovery scores, event source types, logs, and attributes that correspond with the Event Source you selected in the Event Sources panel for a single Log Decoder.

Note: Device logs are only available for 11.0.0.0 and above Log Decoders.

                                                 
1Displays the address of the selected Event Source.
2Displays the potential type of the selected Event Source.
3

Displays the selected Event Source Mapping Type as Auto-Mapped, Manually Mapped, or None. Any changes to the Event Source Mapping are only displayed here.

4

Displays the discovery score for the selected Event Source type from least confident (0) to most confident (100).

5Displays timestamps for the last few logs that have been parsed to the selected Event Source Type.
6Displays the address of the Log Decoder that is parsing event sources.
7Displays the discovery score of the corresponding log.
8Displays logs for the selected Event Source type.
9Allows you to acknowledge that all the discovered Event Source types are correct.
10Allows you to set the appropriate parsers for selected Event Source addresses.
11Displays the Event Source Management attributes for the selected Event Source Type.
Previous Topic:Create/Edit Group Form
You are here
Table of Contents > References > Details View

Attachments

    Outcomes