Unchecked errors and warnings can be catastrophic for an organization. Analysts need to know what errors or warnings are discovered to implement effective remediation for a stable and secure environment. This report provides a detailed collection of errors and warnings identified in the environment.
Warnings and errors are both created when a potential issue is detected in a system’s logs. Warnings typically mean that an issue may arise but is not currently impacting functionality. Tracking and responding to warning logs enables security teams to be proactive in responding to system issues. Errors typically mean that the system’s functionality has been impacted. Errors should be remediated efficiently to ensure that all systems are performing as required. The Errors and Warnings report can help security teams effectively monitor logs for errors and warnings in order to improve remediation efforts.
The Warnings and Errors report provides extensive detail on all warning and error logs identified in the environment. Each chapter contains tables presenting detailed information about all warnings or errors found, including the relevant host, user and event information. By default, all tables are configured to display the top 10 warnings or errors detected over the past 24 hours. Security teams can easily reconfigure the tables based on desired timeframe or event count parameters.
The report is available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards and assets. The report can be easily located in the SecurityCenter Feed under the category Discovery & Detection. The report requirements are:
- SecurityCenter 5.4.2
- Nessus 6.10.1
- LCE 4.2.1
Tenable SecurityCenter Continuous View (SecurityCenter CV) provides continuous network monitoring, vulnerability identification and security monitoring. SecurityCenter CV is continuously updated with information about advanced threats, zero-day vulnerabilities and new types of regulatory compliance configuration audit files. Tenable constantly analyzes information from our unique sensors, delivering continuous visibility and critical context, enabling decisive action that transforms a security program from reactive to proactive. With this information, analysts have greater insight to monitor and determine action for environmental event errors and warnings indicated. Tenable enables powerful, yet non-disruptive, continuous monitoring of the organization to ensure valuable information is available to analysts.
This report contains the following chapters:
Executive Summary: The Executive Summary provides various elements displaying event logs that contain warnings and errors found on hosts in an organization’s environment over the last seven days. Managers use this information to determine the general health of hosts discovered. This report provides an overview of those findings to assist in identifying and developing a strategy for resolving and stabilizing those hosts discovered.
Warning Event Summary: The Warning Event Summary provides analysts detailed information of warning events triggered in the environment. Detailed information on the event is recorded and given in various tables. This report will provide an overview of those findings and assist in identifying a recovery strategy to resolve efficiently.
Error Event Summary: This report provides analysts detailed information required for monitoring errors discovered in an environment. This information displays a breakdown of the findings in various tables and graphs for errors. This report will provide an overview of those findings and assist in identifying a recovery strategy to resolve efficiently.