3 Replies Latest reply on Oct 13, 2015 2:58 PM by jvdavis456

    How to find out what triggers an event


      Hi folks,


      I am comming around a lot of issues when working with events from Intrushield.

      So Iam always wondering how I can find out what triggers an event, how can I tell that it is not the false positive that it seems to be on the first look.


      For example,

      I have seen many events like "UDP: Port Scan" the involved source hereby is a nameserver.

      So, I would need much more information, cause I would say that this seems to be wrong.