Errors and Warnings Report

by Josef Weiss
January 21, 2014

This report displays details on all warnings and errors identified in the environment.

The report has two main customizable sections.

The error section contains tables that present the reviewer with all errors found. By default, it is set up for display of the top 10 errors by count, and/or the last 24 hours by time. This can be easily modified to extend timeframe or display parameters. This section presents detected errors using five different methods.

  • Errors by User Summary - Presents the reviewer with errors by user name, a total of errors unique to the username along with trend graph of errors over the last 24 hours. Sorted by count.
  • Errors by IP - Presents the reviewer with errors by IP address, the reporting LCE, and the count of errors associated with the IP address. Sorted by count.
  • Errors by List of Events - Presents the reviewer with a list of error events, sorted by time.
  • Errors by Normalized Event Summary - Presents the reviewer with a Normalized Event Summary and trend, sorted by event count.
  • Error Logs - Presents the reviewer with a list of the raw Syslog entries received by LCE from devices that contain error data.

The warning section contains tables that present the reviewer with all warnings found. By default, it is set up for display of the top 10 warnings by count, and/or the last 24 hours by time. This can be easily modified to extend timeframe or display parameters. This section presents detected warnings using five different methods.

  • Warnings by User Summary - Presents the reviewer with warnings by user name, a total of warnings unique to the username along with trend graph of warnings over the last 24 hours. Sorted by count.
  • Warnings by IP - Presents the reviewer with warnings by IP address, the reporting LCE, and the count of warnings associated with the IP address. Sorted by count.
  • Warnings by List of Events - Presents the reviewer with a list of warning events, sorted by time.
  • Warnings by Normalized Event Summary - Presents the reviewer with a Normalized Event Summary and trend, sorted by event count.
  • Warning Logs - Presents the reviewer with a list of the raw Syslog entries received by LCE from devices that contain warning data.

The report and its components are available in the SecurityCenter 4.7 Report app feed, an app store of dashboards, reports, and assets. The report requirements are:

  • SecurityCenter 4.7.1
  • Nessus 5.2.4
  • LCE 4.2.1