USM Central's Alarms page provides an overview of alarms triggered within connected deployments of USM Anywhere and USM Appliance. Here you can review all alarm activity, view only a select number of deployment alarms, of filter the alarms by specific details. The main Alarms page displays a graph showing an overview of recent alarm activity, and a list of the most recent alarms below it.
Across the top, you can see any filters you have applied, and you have the option to create and select different views of the alarms. The main part of the page is the list of alarms. Each row describes an individual alarm and includes a checkbox on the left side of each one for selecting it. You can select all alarms on the same page by clicking the checkbox in the first column of the header row.
Alarm Summary Graph
Alarms graphed by intent are sorted into five different categories, which are represented by the graphic icons in the display:
- Delivery & Attack ()
- Environmental Awareness ()
- Exploitation & Installation ()
- Reconnaissance & Probing ()
- System Compromise State or indication that an intruder has bypassed security measures and gained unauthorized access to resources, installed malicious software, or modified existing software or configurations in an attempt to cause damage or steal information. ()
If you want to analyze the data
Use the icon to change the alarms view, which is by default Alarms by Intent. This view is a bubble graph that provides a graphical representation of alarms by intent.