Does RSA have an OOTB alerts guide that describes the basic alerts and how they should be interpreted? Alerts - packet, logs and ESA.
Check out farther down the page... the written metavalues are described there (single sided udp, single sided up).
Are you looking for descriptions of the OOTB ESA alerts, or application rules and syntax, or something else?
Not quite... I am looking for a document to help interpret meta. Ex. single packet tcp, single packet udp. Just the generic items that I can provide to our customers to help them understand what the alerts mean and how to interpret them.
This is what I was looking for... just a side note. Ex. single sided tcp and single packet tcp. The ir.general module refers to it as single sided tcp... for the Palo source.