Tenable Log Correlation Engine has the ability to receive IDS events from multiple sources. In addition to being normalized and stored in the log database, each event will be checked against any Tenable Security Centervulnerability databases. If a host is vulnerable to attack, the event is marked as such, allowing rules to trigger on this scenario so that the information can be distributed to the affected administrators.
For each IDS sensor, a sensor name and type must be defined as in the example below. The following sensor types are supported:
The following table describes the options that are available.
The IP address of the IDS.
Name to be used within the Tenable Security Center logs.
IDS sensor type.