Threat case management
Introduction
Threat case management is used to manage and classify the threat logs generated by the device. The device provides an alarm resource pool to store threat logs and allows users to add the logs to cases for ease of log management.
To manage threat cases:
1. Click the Monitor tab.
2. In the navigation pane, select Security Logs > Threat Logs. Select the target logs, and then click Add to alarm resource pool.
3. In the navigation pane, select Threat Case Management. Click the Alarm Resource Pool tab to view logs for threat analysis.
4. To add logs to a case, select the target logs, and then click Add to case.
You can perform the following threat log management tasks on the Cases tab:
- To archive a case, you can perform either of the following tasks:
  - Select the case, and then click the Edit icon for the case entry. In the dialog box that opens, select Archived from the Status field.
  - Select the case, and then click Logs in the case entry. In the dialog box that opens, click Archive. Then, click Yes to confirm your operation.
- To view the details of a case, click Logs in the case entry. In the dialog box that opens, you can also view the details of a log by clicking the Details icon in the log entry.
- To edit a case, click the Edit icon for the case entry. In the dialog box that opens, edit the status of the case or remove logs from the case as needed.