Observer GigaFlow

Documentation

Table of Contents

Observer GigaFlow Documentation

Documentation > How-To Guide for GigaFlow > Alerts and Events > Determine the Importance of an Event

Determine the Importance of an Event

If you receive intelligence about a specific IP Address, MAC Address, network device or user, carry out a GigaFlow Search on the object. For this example, we will search by IP address.

After searching by IP address, click on the Device Name in the panel on the left. Click Either in the FlowSec Events section of this panel.

This will bring you to an Events page that summarises interactions with the IP address during the reporting period. Using this information, you can build a picture of the importance of the event.

See Determine if Bad Traffic is Affecting Your Network for more.

To view historical information, select the relevant dates and times at the top of the page.