Querying the detected ssid history, Security event, Viewing the wips security event list – H3C Technologies H3C Intelligent Management Center User Manual
Page 512
490
Querying the detected SSID history
You can query the detected SSID history by using the query criteria for querying detected SSIDs. For
more information, see "
Security event
A security event is an event or operation in the wireless network that is recorded in a syslog message.
APs periodically report detected information to the AC, which records the information in syslogs and
sends the syslogs to IMC. You can view the syslogs on the WIPS Security Event List.
To view the WIPS security event list, make sure the following conditions are met:
•
The Syslog Management module has been installed and deployed.
•
You have configured the IMC server (IP address) as the log host of the AC with the info-center
loghost xxxx command, where xxxx is the IP address of the primary IMC server.
Viewing the WIPS security event list
1.
Click the Service tab.
2.
Select WLAN Manager > WIPS Management > Security Event from the navigation tree.
The WIPS Security Event List displays all security events.
WIPS Security Event List contents
{
Security Level—Severity level of the security event, Emergency, Alarm, Key, Error, Warning,
Notification, Prompt, or Debugging.
{
Detected Device MAC—MAC address of the device where the event occurred.
{
Detecting Device MAC—MAC address of the device that detected the security event.
{
Virtual Security Domain—Virtual Security domain to which the sensor that detected the
security event belongs.
{
Event Type—Security event type. For example, vsd-client-del or vsd-ap-add.
{
Detecting AC—Device label of AC with which the sensor that detected the security event was
associated. Click the AC label to view its details.
{
Description—Description for the security event.
{
Receive Time—Time when the syslog that recorded the security event was received.
{
Locate—Click the Locate icon to display the device in the location view where the sensor
that detected the device resides. If the sensor is not in the location view, the operation fails.
If the WIPS Security Event List contains enough entries, the following navigational aids appear:
{
Click
to page forward in the WIPS Security Event List.
{
Click
to page forward to the end of the WIPS Security Event List.
{
Click
to page backward in the WIPS Security Event List.
{
Click
to page backward to the front of the WIPS Security Event List.
3.
Click 8, 15, 50, 100, or 200 on the right side of the main pane to specify the number of pages
you want to display on each page.