The Frequent Offenders display is a listing of the most frequently and infrequently identified source IP addresses within the database for all selected sensors.
The purpose of this display is to give the user a quick and efficient method of determining the most and least active offenders in the intrusion database. Several options exist to customize this display for each user.
Clicking an offenders IP address displays the associated events in the event browser. Clicking the report link, generates a report based upon the selected offenders IP address and time period.
Display Type: Select Frequent or Infrequent Offenders to be listed
Display Options: Select the number of list items to be displayed on the current page
Percent Meter Toggle: Toggles the displaying of the percentage graph meter
Time Period Toggle: Toggles the display time period between all events and a 72 hour window