Legal Disclaimer: The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.arubanetworks.com for current and complete HPE Aruba Networking product lines and names.
Aruba Central Online Help
Viewing the Threats List
To view the table, complete the following steps:
- In the WebUI, set the filter to one of the options under groups that has IDPS Intrusion Detection and Prevention System (IDPS) monitors, detects, and prevents threats in the inbound and outbound traffic. Aruba IDPS provides an extra layer of protection that actively analyzes the network and takes actions on the traffic flows based on the defined rules. It inspects data packets, and if any threat is identified, acts real-time to prevent it.-supported gateways.
For all devices, set the filter to . The dashboard context for the selected filter is displayed. Alternatively, you can select the IDPS-supported gateway from Devices > Gateways list to view the threat details for a particular device.
- Under , select .
- Click the List icon to view the table.
The table provides the following information:
- —The timestamp of the gateway system clock specifying when the threat was detected.
- —Name of the gateway in which the threat was detected.
- Model—The gateway model number.
- Client Role—The client role corresponding to the source where the threat is identified.
- —The ruleset type currently running on the device. It is the IDPS engine version such as 4x or 5x.
- —The type of event in which the threat is identified.
- —The IP address of the host from where traffic is initiated.
- —The IP address of the host where traffic is destined to.
- Geo Location—The geographic location details.
—The geographic location of the host that is initiating traffic.
- —The geographic location of target host that is receiving the traffic.
- —The severity of the threat as classified by the ruleset.
- —The action defined in the ruleset.
- —The signature description of the threat event detected.
- Click the
icon and select the columns that you want to display on the table. To reset the columns, click the icon and select . - On the table, use the filter and the sort icons to filter and sort the threats data respectively.
- To set the charts to show data for specific duration, use the options in the time range filter. By default, the data is displayed for a duration of 3 hours.
- To view the graphs for different durations, click the
time filter icon and select a time range of your choice. - You can view the data for a group of 9004-supported gateways or an individual gateway device using the filter. To view data collectively for all 9004 gateways, select All Devices from the filter.
