Information in the Hosts section

The Hosts section displays the following information about hosts on which the TAA (IOA) rule was triggered:

• Host name—IP address or domain name of the computer where the event occurred. Clicking the link opens the Threat Hunting section with the search condition containing the ID of the selected rule and the selected host.
• Number of events—Number of events that occurred on the host.
• Find events. Clicking the link opens the Threat Hunting section with the search condition containing the ID of the selected rule.

See also Viewing alerts Viewing alert details General information about an alert of any type Information in the Object information section Information in the Alert information section Information in the Scan results section Information in the IDS rule section Information in the Network event section Scan results in Sandbox IOC scan results Information in the Change log section Sending alert data

Page top