Alerts
Page Layout
The alerts page has the common three panel layout of menu overlay, facet, and workspace.
To review alerts from different sources, the best place is “Alerts” page. Fluency will assign alerts into different “classifications”. Alerts extracted from the same device model will have their own classification.
Fields in the Table
| Field | Description |
|---|---|
| Signature Name | The signatures short name (by vendor, if any. else assigned) |
| Sig. Id | The signatures reference code (by vendor) |
| Classification | The signatures classification (by vendor) |
| Ports Used | List of top five (5) ports connected to. |
| Bandwidth | The amount of bandwidth in the last 24 hours to or from the address |
| Sources Connecting | List of top five (5) address connected from. |
| Connecting To | List of top five (5) address connected to. |
| Tags | Information tags on the signature |
| Issues | Issues (Incident) tags on the signature |
| Hosts Connected | List of the top five hostname connected to. |
| Countries Hosted | List of top five countries the address has been hosted by GeoIp. |
| Flow Count | Number of sessions. |