34. Reports » Devices » Filters¶
Clicking on a Filter opens a tab with specific information. The tab includes a few sub-tabs located at the lower side of the window. All sub-tabs share the following common toolbar fields:
● Filters – Select the Filters you are interested in, or select “All”. Administrators can restrict which Filters are accessible by guest accounts● Time Range – Select a predefined time range, or select “Custom…” to enter a specific time interval
34.1. Filter Dashboard¶
This tab allows you to view the most relevant data collected by Filters in form of widgets. The configuration of the Sensor Dashboard does not apply to a particular Filter, so the changes you make here are visible for other Filter Dashboards as well. The operation of dashboards is described in the Reports » Dashboards section.
The configuration of Filter widgets is outlined in the following paragraphs.
34.2. Filter Graphs¶
This sub-tab allows you to view a variety of Filter-related histograms for the selected Filter(s):
● Data Units – Select one or more data units:◦ Most Used – Frequently-used data units◦ Anomalies – Anomalies mitigated by the selected Filter(s)◦ Filtering Rules – Filtering rules detected by the selected Filter(s)◦ SW Firewall Rules – Filtering rules applied by the software firewall framework◦ HW Firewall Rules – Filtering rules applied by the hardware firewall framework◦ Source IPs – Unique IP addresses that have sent traffic to the attacked destination(s)◦ CPU% – Maximum percentage of CPU resources used by the selected Filter(s)◦ Used RAM – Amount of RAM used by the selected Filter(s)◦ Filtered Packets – How many packets were reported as blocked◦ Filtered Bits – How many bits were reported as blocked◦ Dropped Packets – Rate of packets dropped by the packet capturing engine of the selected Filter(s)◦ Received Packets – Rate of packets received by the selected Filter(s)◦ Packets/s – Rate of packets analyzed by the selected Filter(s)◦ Bits/s – Rate of bits analyzed by the selected Filter(s)◦ Filtering Rules – Filtering rules found for each filtering rule type◦ Total Excepted Rules – Whitelisted filtering rules● Size – Select a predefined graph dimension or enter a custom one in a “<X> x <Y>” format, where <X> and <Y> are the X-axis and Y-axis pixels● Title – Graphs have an automatically-generated title for “Auto”, no title for “None”, or you can enter your own text to be rendered as a title● Legend – Select the level of detail for the graph’s legend● Consolidation – If you are interested in spikes, choose the MAXIMUM aggregation type. If you are interested in average values, choose the AVERAGE aggregation type. If you are interested in low values, choose the MINIMUM aggregation type● Grouping◦ Filters – Select to generate a single graph for the selected Filters● Stacking◦ Filters – Select to view the summed up, stacked values for multiple Filters
34.3. Filter Events¶
Lists events generated by the selected Filter(s) for the selected time range. The events are described in the Event Reporting section.
34.4. Filter Instances¶
Lists statistics collected by each Filter instance.
34.5. Filtering Rules Archive¶
Lists filtering rules detected by the selected Filter(s) for the selected time range. Most fields are described in the Reports » Tools » Anomalies section.