CIP Events
By design, application detectors detect and event viewers display the same application one time per session. A CIP session can include multiple applications in different packets, and a single CIP packet can contain multiple applications. The CIP preprocessor handles all CIP and ENIP traffic according to the corresponding intrusion rule.
The following table shows the CIP values displayed in event views.
Event Field |
Displayed Value |
---|---|
Application Protocol | CIP or ENIP |
Client |
CIP Client or ENIP Client |
Web Application |
The specific application detected, which is:
|