Visual Guard provides the capability to select specific event types and set a start and end date for event aggregation. This feature allows you to focus on specific security events within a defined time range, providing targeted insights and analysis.
Event Aggregation and Filtering
Event aggregation is a key feature of Visual Guard that helps reduce the noise and complexity of individual security events. By aggregating events, Visual Guard groups them together based on common attributes or time intervals, providing a consolidated view of security activities.
By selecting event types and setting a start and end date, you can filter and aggregate the relevant security events that match your specific monitoring needs. This enables you to gain insights into the aggregated events within the defined time range, identify patterns, and extract valuable information for security analysis.
Utilizing Event Aggregation and Filtering
To leverage the event aggregation and filtering features in Visual Guard, follow these steps:
- Access the Visual Guard Monitoring Console (WinConsole or WebConsole).
- Navigate to the event monitoring section.
- Specify the event types you want to focus on.
- Set the start and end date for event aggregation.
- Explore the aggregated events within the defined time range.
- Analyze the filtered events to gain targeted insights and identify security trends.
Considerations and Best Practices
When utilizing event aggregation and filtering in Visual Guard, consider the following best practices:
- Select event types that are most relevant to your application’s security requirements and monitoring goals.
- Set a meaningful and appropriate date range for event aggregation, ensuring it aligns with your analysis objectives.
- Regularly review and adjust the event types and date range as needed to ensure you are monitoring the events that matter most to you.
- Determining Optimal Maintenance Time: Analyze the aggregated events and identify periods of low activity or reduced security events. These periods may indicate optimal times for performing maintenance activities such as software updates, database optimizations, or server maintenance. By scheduling maintenance during these periods, you can minimize disruptions to end users and ensure smooth operation of your applications.
- Detecting Connections During Late-Night Hours: Pay special attention to events that occur during late-night hours, when activity is expected to be minimal. This can help you identify unauthorized or suspicious connections made during that time. By monitoring and analyzing event patterns during these hours, you can detect potential security breaches and take appropriate action to mitigate risks.
By following these best practices, you can leverage the event aggregation and filtering capabilities in Visual Guard to optimize your maintenance activities and enhance the security of your applications.
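The same filter, aggregate and review logic can be reproduced outside the console, for instance on exported events. The following is an added example, not Visual Guard code or its API: the event tuples, type names, user names and the 00:00 to 05:59 late-night window are all assumptions made for illustration.

```python
from collections import Counter
from datetime import datetime

# Constructed sample events (timestamp, type, user). Type and user names are
# hypothetical; this is not Visual Guard's event schema or API.
EVENTS = [
    ("2024-03-04 09:12:00", "LogonSuccess", "alice"),
    ("2024-03-04 09:40:00", "LogonSuccess", "bob"),
    ("2024-03-04 10:05:00", "LogonFailure", "bob"),
    ("2024-03-04 14:30:00", "LogonSuccess", "carol"),
    ("2024-03-05 03:17:00", "LogonSuccess", "alice"),
    ("2024-03-05 09:02:00", "LogonSuccess", "alice"),
    ("2024-03-05 17:45:00", "PermissionChanged", "admin"),  # type not selected
    ("2024-03-09 02:00:00", "LogonFailure", "bob"),         # outside date range
]

def filter_events(events, types, start, end):
    """Keep events of the selected types with start <= timestamp < end."""
    parsed = ((datetime.fromisoformat(ts), et, user) for ts, et, user in events)
    return [e for e in parsed if e[1] in types and start <= e[0] < end]

def aggregate(filtered):
    """Count events per (hour of day, event type)."""
    return Counter((t.hour, et) for t, et, _ in filtered)

def late_night(filtered, first=0, last=5):
    """Individual events whose hour is in [first, last], for manual review."""
    return [e for e in filtered if first <= e[0].hour <= last]

def quiet_window(filtered):
    """Longest run of event-free hours as (first_hour, last_hour), not wrapping
    past midnight; (0, -1) if every hour has events. A maintenance candidate."""
    busy = {t.hour for t, _, _ in filtered}
    best, run_start = (0, -1), None
    for h in range(25):  # h == 24 closes a run that reaches hour 23
        if h < 24 and h not in busy:
            if run_start is None:
                run_start = h
        elif run_start is not None:
            if h - 1 - run_start > best[1] - best[0]:
                best = (run_start, h - 1)
            run_start = None
    return best

if __name__ == "__main__":
    sel = filter_events(EVENTS, {"LogonSuccess", "LogonFailure"},
                        datetime(2024, 3, 4), datetime(2024, 3, 6))
    print(aggregate(sel), late_night(sel), quiet_window(sel), sep="\n")
```

On the sample data the quiet window falls in the evening, while the single late-night logon is the event to review before treating the early-morning hours as idle.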
Viewing Individual Events
In addition to aggregating events, Visual Guard allows you to drill down into the aggregated sections to view the individual events that make up the aggregate. By clicking on a section of the column representing an aggregate of events of the same type, you can access a detailed list of the individual events. This allows for a granular examination of each event and provides additional context and information.
- Clicking on (B) will redirect to the screen displayed below
- Clicking on (C) will redirect to the screen displayed below