You can use the Correlation Data icon on the Correlated
Events screen to view correlation
data for the selected event.
 |
NoteNot all events detected by Deep Discovery
Inspector are listed on the Correlated
Events screen.
Deep Discovery Director - Network
Analytics (the appliance) creates
correlated data only for detection events it determines are high risk where
advanced analytics are of special interest to administrators and can help with
advanced analysis of threats.
There are several reason why an event might be listed on the
Affected Hosts
screen or the Network
Detections screen, but is not listed on the Correlated Events screen:
|
Procedure
- Log on to the Deep Discovery Director console.
- Go to .The Correlated Events screen opens, which displays the list of detections with correlated events for the specified time period. The Correlation Data icon (
) is displayed on the
left-hand side of the Details column.
- (Optional) Change the time period to see more or less correlated events.If no events are displayed for the selected time period, increase the time period until you can see correlated events.
Note
You can use additional filters to filter the results displayed in the Correlated Events screen to make selection of the desired correlation data easier. See the Deep Discovery Director Administrator's Guide for more information. - Click on the Correlation Data icon
().The Correlation Data screen opens.
What to do next
Use the Correlation Data
screen for advanced analysis and to view threat histories for detected threats.