Adding markers

Users with the Senior security officer role can assign markers to NDR events and aggregate events in the Network traffic events section of the application web interface.

A marker is an icon that helps you find NDR events and aggregate events by criteria that are not present in the table.

To assign a marker to an NDR or aggregate event:

  1. In the Network traffic events section, in the row with the NDR event or aggregate event, click in the Asterisk icon. column.
  2. In the menu that is displayed, select the marker that you want to assign to this NDR event or aggregate event.

    You can select one of seven markers provided by the application. The meaning of each marker is up to you to decide.

  3. If you need to remove a marker, select No marker in the menu.

Users with the Senior security officer and Security auditor roles can view NDR events or aggregate events with a marker.

Page top