The Events View is displayed on the right panel of the main window. It comprises of a list of all the selected events detected by the KFSensor Server.
The events that are displayed are filtered by the currently selected item in the Ports View or the Visitors View.
The events are sorted in either ascending or descending chronological order. This is controlled by options on the View Menu.
The Port View is linked to the Events View and acts as a filter to it. For example if you select port 80, then only those events related to port 80 will be displayed in the Events View.
The list comprises of a number of columns. The columns that are displayed can be configured in the Add/Remove Columns dialog box.
All of an event's details can be viewed for the currently selected event by viewing the Event Details dialog box.The event context menu, available with a right click, has the option to Create Visitor Rule. This fills in the basic details of the Visitor Rule dialog allowing for fast rule creation.
The icons displayed next to each event are color coded according to an event's severity.
The event row background is color coded according to severity and the protocol of the event.
The actual Listen Icon displayed will be the icon specified in the listen definition.
Icons | Color | State |
Grey | Low Severity | |
Yellow | Medium Severity | |
Red | High Severity |