USM Central's Alarms page provides an overview of alarms triggered within connected deployments of USM Anywhere and USM Appliance. Here you can review all alarm activity, view only a select number of deployment alarms, or filter the alarms by specific details.
- On the left side of the page are the search and filters options. Use filters to delimit your search.
- At the top of the page, you can see any filters you have applied, and you have the option to create and select different views of the
- The main part of the page is the list of
alarms, where each row describes an individual alarm. Click an alarmto open a summary view. See Viewing Alarm Details for more information. Each alarm includes a check box that you can use to select it. You can select all alarms in the same page by clicking the check box in the first column of the header row. You can also select all the alarms in the system. See Selecting Alarms in Alarm List View for more information.
If you want to analyze the data, you can maximize the screen and hide the filter pane. Click the icon to hide the filter pane. Click the icon to expand the filter pane.
Refreshing the page
USM Central gives you the option of refreshing the page automatically in a period of time that you can configure.
Following the name of the view, you can click the icon to stop the auto-refresh countdown and refresh the page manually.
There is an auto-refresh countdown that refreshes the page at a regular interval. The number inside the blue circle indicates the remaining time until the next refresh. See Managing Your Profile Settings to configure this interval.
To enable the auto refresh option
- At the bottom of the expanded pane of the USM Central web user interface (UI), hover over the profile settings options, and select Profile.
Click the Alarms Auto Refresh field and select Every 15 Minutes, Every 30 Minutes, Every Hour, or Every 2 Hours. Select is Disabled if you don't want the alarms to automatically refresh.
- Click Save.
Alarm by Intent Graph
Alarms graphed by intent are sorted into five different categories, which are represented by the graphic icons in the display:
- Delivery & Attack ()
- Environmental Awareness ()
- Exploitation & Installation ()
- Reconnaissance & Probing ()
- System Compromise State or indication that an intruder has bypassed security measures and gained unauthorized access to resources, installed malicious software, or modified existing software or configurations in an attempt to cause damage or steal information. ()
If you want to analyze the data
Use the icon to change the alarms view, which is by default, Alarms by Intent.