Events Feature Overview

A vast amount of events occur in your infrastructure every single second. The F5 Distributed Cloud App Infrastructure Protection (AIP) Events tab helps you view, organize, and find events of interest to your security concerns within this array of information.

To assist you in this work, the Events tab contains the following information:

  1. All Events – Displays every single event ingested by Distributed Cloud AIP within the specified date range. For more information, see All Events Tab.

    Note

    Distributed Cloud AIP retains events for up to three days. Events that trigger an alert (contributing events) are retained for 365 calendar days from the date of the triggered alert.

  2. Queue – Displays any event you select for further review. For more information, see Event Queue Tab.
  3. Search for Events – A variety of criteria you can use to search for and display selected events. For more information, see Search for Events.

events-page.png

What Events Does Distributed Cloud AIP Ingest?

  • Audit
  • CloudTrail
  • Fargate Netflow
  • Fargate Process
  • Fargate
  • File Integrity Monitoring (FIM)
  • Kubernetes Audit
  • Kubernetes Configuration
  • Linux Host
  • Login
  • Threat Intelligence (ThreatIntel)
  • Windows Host

Related Articles

Was this article helpful?
0 out of 0 found this helpful