This section includes the Reports that are included in the Core Threat Detection Module.
Account Management Activity
Summarizes all account management activity.
Report ID: 1014
Minimum Log Sources
Active Directory or LDAP
Recommended Log Sources
Host Logs
Top Attackers Summary
Summarizes top attackers by Origin Host.
Report ID: 1015
Minimum Log Sources
Any Security Log Source
Recommended Log Sources
-
- Antivirus
- Intrusion Detection System
- Vulnerability Scanner
- LogRhythm Network Monitor
- Next Generation Firewall