Device Activity by Event Category
Attached is a Event Explorer Display Method that summarizes activity for all devices of a certain class. This is useful to get a quick view of all activity in an environment and use the filter capability to isolate specific classes of devices like IDS/IPS systems or OS.
1. Save the file to the EE client HDD
2. Go to the Tools --> Import menu
3. Point to the .eec file
The display will be added to your Display list, feel free to customize and upload any good variations.
Do you happen to have anything that will display activity by device type and device name or IP address? Instead of being a Pie Chart we would need it be displayed in Tabular.... I think I can change it to tabular... I just need to find a way to show all the devices, e.g. all Cisco Pix Firewalls and how many events each firewall has generated....
Basically, I would like to display the device type name and its Hostname or IP.
- <filter type="CONTAINS" field="DeviceTypeName" enabled="true">