Task #4114
Report content design and adjustments
Status: closed
Added by Jan Mach over 6 years ago. Updated about 6 years ago.
100%
Description
The following tasks could be done to improve the currently used report templates and reporting altogether:
- Abridge report text and move some of the text to informational web page
- Improve event classifications in classifying inspection module
- Improve report section labels for event classes
Updated by Pavel Kácha over 6 years ago
Jan Mach wrote:
- Improve event classifications in classifying inspection module
- Improve report section labels for event classes
I consider the aforementioned two done.
Updated by Pavel Kácha over 6 years ago
The webpage https://mentat.cesnet.cz/cs/reporting should move and get incorporated into the (probably top of the) page https://csirt.cesnet.cz/cs/services/mentat (which also needs shortening and an overhaul).
Updated by Pavel Kácha over 6 years ago
Attempt at Czech version abbreviation. Tried to shorten the text and omit duplicate information, but leave most of the info in. The note about the technical problems email (mentat-admin@cesnet.cz) may go to the webpage, as well as the warning about possible delays of Shadowserver'ish services.

Dear colleagues,

our detection systems have registered 3 event(s) related to the host 147.229.29.84, which belongs to your IP address range or domain with the contact address abuse@vutbr.cz.

The report contains events with LOW severity.

Please consider checking the affected systems and remedying any problems found.

Time window: 25. 7. 2018 9:00:00 - 26. 7. 2018 9:00:00 Europe/Prague (+02:00)

[1] The machine attempted some form of active scanning.

Source           First event occurrence    Last event occurrence     Count   Protocol
──────────────────────────────────────────────────────────────────────────────────────────────────────────────
147.229.29.84    25. 7. 2018 11:00:11      25. 7. 2018 16:59:21      3       tcp
──────────────────────────────────────────────────────────────────────────────────────────────────────────────

Further information: https://csirt.cesnet.cz/cs/services/eventclass/recon-scanning

The report for this IP is also available at: https://mentat-hub.cesnet.cz/mentat/reports/RQDbHcRAQ364MlIlBgKz/unauth

The summary report is available at: https://mentat-hub.cesnet.cz/mentat/reports/DV8Yb49253pcG33Bnjos/unauth

Complete available information on individual events can be found in the attached machine-processable files (we recommend JSON, where the data is complete).

This message was generated by an automated system. For communication about the events, please therefore use the contact email address <certs@cesnet.cz> and, for easier orientation, keep the identifier [M20180726EL-R0XPI] in the message subject.

Thank you in advance for your cooperation,
CESNET-CERTS Security Team <certs@cesnet.cz>
If summary:
The report is also available at: https://mentat-hub.cesnet.cz/mentat/reports/RQDbHcRAQ364MlIlBgKz/unauth
If attachments disabled:
Complete available information on individual events can be found in the machine-processable files of the web version of the report (we recommend JSON, where the data is complete). Sending of email attachments is turned off in the reporting settings for your contact address.
I presume the date of generation is in the Date of the email.
Updated by Pavel Kácha over 6 years ago
- Assignee changed from Pavel Kácha to Jan Mach
Attempt at English version abbreviation.

Dear colleagues.

Our detection systems registered following possible problems related to host XXX.XXX.XXX.XXX, belonging into your IP address range or domain with contact address YYY@YYY.YY.

This report contains events with LOW severity.

Please consider reviewing the host systems and fix any possible issues.

Time window: XXXXXXXXXXXXXX - YYYYYYYYYYY UTC (+00:00)

Source           First event time          Last event time           Count   Protocol
──────────────────────────────────────────────────────────────────────────────────────────────────────────────
147.229.29.84    25. 7. 2018 11:00:11      25. 7. 2018 16:59:21      3       tcp
──────────────────────────────────────────────────────────────────────────────────────────────────────────────

Report for this IP is also available at: https://mentat-hub.cesnet.cz/mentat/reports/RQDbHcRAQ364MlIlBgKz/unauth

Summary report is available at: https://mentat-hub.cesnet.cz/mentat/reports/DV8Yb49253pcG33Bnjos/unauth

Complete information available for each event can be found in the attached machine-processable files (we recommend JSON, which bears full data).

The message has been generated by an automated system. For further communication regarding events please use the contact email address certs@cesnet.cz and keep the identifier [M20180726EL-R0XPI] in the email subject for easier orientation.

Thank you in advance for your cooperation
CESNET-CERTS Computer Security Team <certs@cesnet.cz>
If summary:
Report is also available at: https://mentat-hub.cesnet.cz/mentat/reports/DV8Yb49253pcG33Bnjos/unauth
If attachments disabled:
Complete information available for each event can be found in the machine-processable files of the web version of the report (we recommend JSON, which bears full data). Appending attachments is disabled in the reporting settings for your contact address.
Updated by Pavel Kácha over 6 years ago
- Related to Task #4236: Reorganize content on https://mentat.cesnet.cz and https://csirt.cesnet.cz/cs/services/mentat web pages added
Updated by Jan Mach about 6 years ago
- Status changed from New to In Progress
- % Done changed from 0 to 70
Updated by Jan Mach about 6 years ago
- Related to Feature #4232: Do not attach too big data attachments to reports added
Updated by Jan Mach about 6 years ago
- Status changed from In Progress to Resolved
- Assignee changed from Jan Mach to Pavel Kácha
- % Done changed from 70 to 100
I now consider this issue to be resolved. In my opinion further abbreviations of the report content will not make the report more useful and readable.
Updated by Pavel Kácha about 6 years ago
- Status changed from Resolved to Closed