This is the start screen which allows for specification of search values.
The Query Time specifies what time period to display or search in the Snort® database.
If multiple Snort® sensors are defined, the search may be limited to a specified sensor.
The Optional IP address is used to limit the display to a specific IP when investigating malicious activity.
If the AutoUpdate option is checked, the next screen will automatically update at the specified interval giving you a realtime view of attack signature activity.
NOTE: Screen shots have been resized, some image artifacts may be present.