Details View

Document created by RSA Information Design and Development on Sep 13, 2017. Last modified by RSA Information Design and Development on Oct 11, 2017. Version 6.
 

The Details view shows details about the Event Source, along with a sample of the logs identified for each Event Source type, so that you can verify that the types were identified accurately.

You can access the Details view in either of two ways:

  • From the Toolbar, click the View Details button.
  • Double-click the Event Source you selected.

Workflow

These are the required configuration steps for a new Decoder or Log Decoder that includes managing parser mappings.

Decoder configuration workflow, with Enable and Disable Parsers highlighted

What do you want to do?

                                 
| Role | I want to... | Documentation |
|---|---|---|
| Administrator | Obtain logs for a 10.6 Log Decoder. | Obtaining Logs from Pre-11.0.0.0 Log Decoder |
| Administrator | Map Parsers for selected event sources. | Manage Parser Mappings |
| Administrator | Acknowledge that all the discovered Event Source types are correct. | Manage Parser Mappings |
| Administrator | Map selected Event Sources. | Manage Parser Mappings |

The following example shows the discovery scores, event source types, logs, and attributes that correspond with the Event Source you selected in the Event Sources panel for a single Log Decoder.

Note: Device logs are only available for 11.0.0.0 and above Log Decoders.


Example shows discovery scores for a single Log Decoder.

                                             
1. Displays the address of the selected Event Source.
2. Displays the type of the selected Event Source.
3. Displays the discovery score for the selected Event Source from least confident (0) to most confident (100).
4. Displays timestamps for the last few logs that have been parsed to the selected Event Source Type.
5. Displays the name address of the Log Decoder that is parsing event sources.
6. Displays the discovery score of the corresponding log.
7. Displays logs for the selected Event Source type.
8. Allows you to acknowledge that all the discovered Event Source types are correct.
9. Allows you to set the appropriate parsers for selected Event Source addresses.
10. Displays the Event Source Management attributes for the selected Event Source Type.

The following example shows the message that displays in the Logs panel for a pre-11.0.0.0 Log Decoder.

Example of message that displays when a pre-11.0 Log Decoder is discovered.
