HP Sygate Security Agent User Guide
Back Tracing Logged Events
Back tracing enables you to pinpoint the source of data from a logged event. Like retracing a
criminal’s path at a crime scene, back tracing shows the exact steps that incoming traffic has
made before reaching your device and being logged by the Agent.
Back tracing is the process of following a data packet backwards, discovering which routers
the data took to reach your device. In the case of a Security Log entry, you can trace a data
packet used in an attack attempt. Each router that a data packet passes through has an IP
address, which is provided in the Trace Route field.
You can back trace a logged event in the Security, Traffic, and System logs.
To back trace a logged event:
1. Open the log file and click an event so that the entire row is selected.
2. Either right-click and click BackTrace, or click Action|BackTrace.
The Agent begins back tracing the event.
3. The Back Trace Information dialog box appears.
36
