Can I view the contents of objects contained in the matching access rules from the read-only policy query popup window?
A. Yes. If an access rule contains network/host, interface, or service objects, you can click the object in the read-only policy lookup table to view the definitions of these objects in a popup window. The contents of the objects that match with the values in the syslog that generated the rule are highlighted. However, expanded object entries are highlighted only for TCP and UDP protocol in service objects, destination object names, and source object names. The Source, Destination, Service, and Interface cells are not clickable if they do not contain objects.
Related Questions
- Are the Security Manager login credentials that I enter in the read-only policy query popup window cached until the current session is active?
- Can I perform any other task from the read-only policy query page for a signature-fired event, besides tuning of signatures?
- Can I view the contents of objects contained in the matching access rules from the read-only policy query popup window?