beautypg.com

Configuring the alarming function, Configuration guide, Table 51 – H3C Technologies H3C SecCenter IPS Manager User Manual

Page 59

background image

53

Option Description

Duration

Select the statistics duration. You can select Day, Week, or Month, or select Customize
to specify a duration.

Time

Select the statistics time. The value range varies with the selected statistics duration.

Grouping by

Select a grouping mode. The system supports four modes: None, Attack Type, Dest IP,
and Protocol.

Table 51 Fields of the DDoS event details

Field Description

Start Time

Time when the DDoS event started

End Time

Time when the DDoS event ended

Protected Network

IP network segment protected against the DDoS attack

Src IP

Source IP address of the DDoS attack

Dest IP

Destination IP address of the DDoS attack

Attack Type

Type of the DDoS attack

Protocol

Name of the protocol used by the DDoS attack

Attack name

Attack name of a DDoS attack event

Threshold

Threshold of the DDoS attack event

Max Avg Rate

Maximum average rate of the DDoS attack event

Event Count

Total number of events occurred during the specified time

NOTE:

Logs are aggregated at 3 o’clock in the morning every day. When you query event information of the
current month, the system displays only the data collected from the first day of the month to the day before

the current day.

Configuring the alarming function

The IPS management alarming function includes alarming configuration and alarm information. After the

alarming function is configured, when an attack or virus event matches any configured alarm condition,

the system will raise an alarm by sound or by Email and record the event. This function helps

administrators know about network threats and take proper actions in time.
Before using the alarming function, perform related alarming configurations first.

Configuration guide

1.

From the navigation tree of the IPS management component, select Alarms under Event Analysis to
enter the event alarm page.

2.

Select the Alarm Config tab to enter the alarming configuration page, as shown in

Figure 53

.

3.

Configure the alarming function.

Table 52

describes the alarm configuration items.

4.

Click Apply.

See also other documents in the category H3C Technologies Safety: