RSA Admin

Top 10 blocked attack

Discussion created by RSA Admin Employee on Dec 18, 2011
Hi, I have been trying to setup a top 10 blocked attack report for devicegroup firewall for a while now. I am not sure about how I can distinguish between ingress and egress traffic, blocked traffic and permitted traffic (or all traffic) and the attack type. I would like to use the table with least resource requirement wherever possible. I would also like to understand more clearly what type=1,2 or 3 means. Thanks for your help.