Viewing Details of a Threat

To view the details of a threat, complete the following steps:

  1. In the WebUI, set the filter to one of the options under groups that have IDPS-supported gateways. An Intrusion Detection and Prevention System (IDPS) monitors, detects, and prevents threats in inbound and outbound traffic. Aruba IDPS provides an extra layer of protection that actively analyzes the network and takes actions on the traffic flows based on the defined rules. It inspects data packets and, if any threat is identified, acts in real time to prevent it.

    For all devices, set the filter to Global. The dashboard context for the selected filter is displayed. Alternatively, you can select the IDPS-supported gateway from Devices > Gateways list to view the threat details for a particular device.

  2. Under Manage, select Security > Gateway IDS/IPS.
  3. Click the List icon to view the Threats List table.
  4. Select a threat and click the View Packet info icon to view the details of the threat.

The Threat details page provides the following information:

  • Timestamp—The timestamp of when the threat was detected.
  • Signature—The signature description of the detected threat.
  • Protocol—The type of event in which the threat is identified.
  • Category—The alert type under which the threat is categorized.
  • Source IP address—The IP address of the host from where traffic is initiated.
  • Signature ID—The ID associated with the signature.
  • Destination IP address—The IP address of the host to which traffic is destined.
  • Severity—The severity of the threat as classified by the ruleset.
  • Additional Details—The detailed information about the alert.
    • Alert—The alert statement specifying that an alert was triggered due to a policy violation. The alert is triggered when a network traffic policy is violated based on threat categories. For more information, see Threat Categories.
    • Description—The description of the threat explaining more details such as how and where the violation has occurred.
    • Impact—The possible effect of the threat on the network, based on the severity of the alert.

Click the icon to download the packet info to your local setup for troubleshooting.

Figure 1  Threat Details