Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Investigate Task Modules in the NSM User Interface Overview


The Investigate task includes the following top-level modules:

Log Viewer

The Log Viewer displays log entries that your security devices generate based on criteria that you defined in your security policies, on the GUI server, and in the device configuration. Log entries appear in table format; each row contains a single log entry, and each column defines specific information for a log entry.

You can customize the view (which log entries and what log information is shown) using log filters or by changing the column settings.

Use the Log Viewer to:

  • View summarized information about security events and alarms

  • View information about a specific log entry

  • Show, hide, or move columns to customize the Log Viewer

  • Filter log entries by column headings

  • Create and save custom views that display your filters/column settings

  • Set flags on Log Viewer entries to indicate a specific priority or action

For more details on using the Log Viewer, see the Network and Security Manager Administration Guide.

Report Manager

The Report Manager contains summary, graphs, and charts that detail specific security events that occur on your network. NSM generates reports to visually represent the information contained in your log entries. You can use reports to quickly summarize security threats to your network, analyze traffic behavior, and determine the efficiency of NSM. To share reports or to use report information in other application, you can print or export report data.

Log Investigator

The Log Investigator contains tools for analyzing your log entries in depth. Use the Log Investigator to:

  • Manipulate and change constraints on log information

  • Correlate log entries visually and rapidly

  • Filter log entries while maintaining the broader picture

Realtime Monitor

Realtime Monitor provides a graphical view of the current status of all devices managed by NSM. Table 1 describes the monitoring status of all NSM managed devices.

Table 1: Monitoring Status of NSM Managed Devices

NSM Managed Devices

Monitoring Status

Device Monitor

Tracks the connection state and configuration state of your security devices and IDP sensors. You can also view device details to see CPU utilization and memory usage for each device, or check device statistics.

VPN Monitor

Tracks the status of all VPN tunnels.

NSRP Monitor

Tracks the status of security devices in clusters.

IDP Cluster Monitor

Tracks the status of IDP clusters.

You can customize Realtime Monitor to display only the information you want to see, as well as update information at specified time periods. You can also set alarm criteria for a device or process. For more details on Realtime Monitor, see “Realtime Monitoring“ in the Network and Security Manager Administration Guide.

Security Monitor

Security Monitor provides access to the Dashboard, Profiler, and Security Explorer. These tools enable you to track, correlate, and visualize aspects about your internal network, enabling you to create more effective security policies and minimize unnecessary log records. For more details, refer to “Analyzing Your Network” in the Network and Security Manager Administration Guide.

Audit Log Viewer

The Audit Log Viewer contains a log entry for every change made by an NSM administrator. For more details on Audit Log Viewer, see “Using the Audit Log Viewer” in the Network and Security Manager Administration Guide.