3 Replies Latest reply on Oct 13, 2015 2:58 PM by jvdavis456

    How to find out what triggers an event

    johestephan

      Hi folks,

       

      I am comming around a lot of issues when working with events from Intrushield.

      So Iam always wondering how I can find out what triggers an event, how can I tell that it is not the false positive that it seems to be on the first look.

       

      For example,

      I have seen many events like "UDP: Port Scan" the involved source hereby is a nameserver.

      So, I would need much more information, cause I would say that this seems to be wrong.

       

      Regards