The Top 10 Sources of Attack report shows you the details of the attackers with the highest number of events over a specific period of time. Attacks are defined as the security events of type Attack, Probable Attack, Successful Attack, Worm, and Virus. This report allows you to view the details of the top 10 initiators of the attacks that have occurred on your network. You can use this information to take preventative actions, including restricting major offenders.
Report Example:
To run a Top 10 Sources of Attack report:
Select the Reports tab.
From the Available Reports categories, select Security > Top 10 Sources of Attack.
By clicking on the drop-down calendars and selecting a date or by typing over the text in the date field, enter the date range for the report.
Click Continue.
NOTE: You will see a message screen that shows the time until the report results
are complete. To exit the results page and send the report to the Stored Reports
page for later viewing, click Send to Stored Reports.
When viewing the report, you will see a grid containing the following information:
IP Address
Attack Name
Rank
# of Events
To show an explanation of the nature of a specific attack, click Definition.
For information on different ways to display and/or print report output, see Report Options.
Related topics: