H3C Technologies H3C Intelligent Management Center User Manual
Page 944
930
{
Click Manual execution required in the Result field to navigate to the Attack Alarm Details
page.
{
Manual execution required indicates that no action, either automatic or manual, was taken for
the associated event. From this page you can execute any actions that are associated with this
attack alarm type.
{
Success indicates that the automatic or manual action that was taken for this type of attack was
successful.
{
Failure indicates that the automatic or manual action that was taken for this type of attack failed.
Click Failure in the Result field to navigate to the Attack Alarm Details page. From this page you
can get the detailed failure reason.
{
Executing policy indicates that the automatic or manual action that was specified for this type
of attack is currently being executed. The contents of the Result field do not serve as a navigation
link to the Attack Alarm Details page when an action is being executed.
{
No matching policy indicates that the alarm does not match any security control policy. Click
No matching policy in the Result field to navigate to the Attack Alarm Details page. From this
page you can select one or more actions, if available, that are associated with this attack alarm
type.
{
Waiting for policy execution indicates that the selected action for the associated security attack
alarm is in the queue for processing by IMC. The contents of the Result field do not serve as a
navigation link to the Attack Alarm Details page when an action is waiting for policy execution.
{
Acknowledgement required indicates that the configured action could not be completed
successfully because the conditions necessary to complete the action were not met. For example,
the configured action was to shut down an interface. If the interface is unreachable and cannot
be shut down, the Result field contains the value, Acknowledgement required. The value,
Acknowledgement required in the Result field serves as a link for navigating to page for
re-executing the action manually.
{
The contents of the Result field serve as a link to one of several pages, depending on the result
of the action taken for the associated event. If the result is Failure, the link navigates you to the
Security Control Policy Result Report. For more information, see "
."
{
If the result is No matching policy, the link navigates you to the Execute Action page. For more
information about executing an action, see "
Executing a manual action for an attack alarm
•
Attack Path: This field contains a link to a topology map that displays the attack path.
If the Attack Alarm List contains multiple entries, the following navigational aids may appear:
{
Click
to page forward in the Attack Alarm List.
{
Click
to page forward to the end of the Attack Alarm List.
{
Click
to page backward in the Attack Alarm List.
{
Click
to page backward to the front of the Attack Alarm List.
2.
Click 8, 15, 50, 100, or 200 from the right side of the main pane to configure how many items per
page you want to view.
IMPORTANT:
You can sort the Attack Alarm List by the Name, Source, Destination, Time, and Correlated Policy fields,
by clicking the column label to sort the list by the selected field. The column label is a toggle switch that
allows you to toggle between the various sort options specific to each field.