As an Anomaly Detection registered user, you now have access to security and operational events analysis tools.
Investigating events helps you understand and react to your network's behaviour.
How To investigate an Event
Navigate to the Events Page
-
Log in to Anomaly Detection.
-
Go To 'Events'.
- Find the Event you wish to investigate.
- Use the 'Add Filter' drop down menu to filter for a specific event type or category.
- Click on the event you wish to investigate.
- Within the event page you view the number of occurrences, relevant IP's and what triggered the event. You also have the ability to download a packet capture.
- You can respond to an event by clicking on the recommended action button the bottom right corner. (Enterprise Customers Only)