Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Available JSA Capabilities After Migration

After you migrate Log Manager to JSA, a number of security intelligence capabilities are available.

The following table describes some of the added capabilities:

Table 1: JSA Features

Feature

Description

Network Activity Tab

View and manage network activity on your network.

Offenses Tab

View and manage offenses, which are alerts that notify you of suspicious network or log activity. Use rule tests and responses for testing both network and log activity.

Assets Tab

View and manage assets and vulnerabilities on your network.

Enhanced Reports Tab

Use more report types, including Asset Vulnerabilities, Flows, Top Source IP addresses, Top Destination IP addresses, and Top Offenses.

Enhanced Dashboard Tab

Manage multiple dashboard views, and add new dashboard items that are related to offenses, sources, and destinations.

The Internet Threat Information Center dashboard item is not automatically added to your system when you migrate Log Manager to JSA.

Adding the Internet Threat Information Center Dashboard Item

The Internet Threat Information Center dashboard item is an embedded RSS feed that provides you with up-to-date advisories on security issues, daily threat assessments, security news, and threat repositories.

  1. Use SSH to log in to JSA as the root user.

  2. Restart the JSA web service by typing the following command:

  3. Log in to JSA.

  4. Click Dashboard >Show Dashboard >Threat and Security Monitoring to verify that the Internet Threat Information Center dashboard item appears.

Related Documentation