This report displays incident response details on Systems that have been found in your environment to have active intrusion events. Intrusion events are events that are triggered by plugin 800125 - Long Term Intrusion Activity, or 800017 - Intrusion Statistics..
This report displays event statistics leveraging the capabilities of Tenable Netflow Normalized Events. This event data is correlated to produce a series of pie charts, tables, and trends lines to display statistical data. The report is based on the the components present in the NetFlow Monitor Dashboard.
Netflow data that is being forwarded to Tenable’s LCE includes ports, source and destination IP address. The chapters in this report include:
Top Talkers (All Traffic)