About events
Event function is the most important functions in AthTek NetWalk. Through the powerful events and interaction with the actions, AthTek NetWalk is a full-featured, intuitive, easy to configure intrusion detection system (IDS). AthTek NetWalk reports events to call your attention to error conditions it has detected on the network. AthTek NetWalk reports three types of events – statistic-based events, packet-based events and advanced events.
- Statistic-based Event: Query a specified statistics function once per second, testing for user-specified problem conditions. On matching any of these tests, the event function sends a notification of user-specified severity.
- Packet-based Event: This kind of event is similar to the rules of traditional IDS (i.e. Snort), which allows AthTek NetWalk to analyze network traffic for matches against a user-defined rule set and performs several actions based upon what it sees.
- Advanced Event: AthTek NetWalk event module also provides a number of events can not be completed through the above-mentioned two types of events. With the AthTek NetWalk development and improvement, this type of events will be more and more.
AthTek NetWalk can take different actions when an event is detected. Three types of actions can be associated to an event:
- Global Action: Global actions which are assigned to the severity of the event are triggered when an event is detected. More about Global Actions are described in Event Actions.
- No Action: No action is triggered when the event is detected.
- Independent Action: The specified action is triggered when the event is detected.