IBM Proventia Network Enterprise User Manual - Downloading An Alert Log

Chapter 18: Enterprise Scanner Logs and Alerts

244

IBM Internet Security Systems

Downloading an Alert Log

Introduction

If necessary, you can save an Alert log to a file to use for forensic purposes. You can do 

that in the Proventia Manager for your agent.

Note:

Alerts remain on display on the Alerts log page after you save a log.

Three files per log

The Alert log is saved in three comma-separated values (.csv) files. The three files cross-

reference the data displayed in the Alerts log:

Procedure

To download an Alert log file:

1. On the Alerts page in Proventia Manager, click Generate new log file from Alerts.

The Log File Management page appears. 

2. Select a file to download, and then click Download.

A menu prompts, “Are you sure you want to download the file?” 

3. Click OK.

4. Select Save, and then click OK. 

5. Navigate to the folder where you want to save the file.

6. Type a file name, and then click Save. 

Log File Name

Contents

filename_eventdata.csv

•

the distinct records that match the alert record number

•

the event name and the risk level

filename_eventinfo.csv

The data listed in the event-specific information section of the 

alert.

filename_eventresp.csv

The data from the responses-executed section of the alert.

Table 93: Three alert log files