Defining Time Groups
Many of the Firewall rules and reporting features take advantage of the unique Time Group feature. With time groups, users can apply predefined sets of time-based filters to different queries without having to define complex criteria for each query. Time groups also work with the Report Scheduler and the Display Activity Log features.
For example, you may be using different queries and reports to audit the activities of one group employees during normal working hours and a different group of employees during nights and weekends. This can be accomplished with just one time group using the following guidelines:
- Create a time group that defines normal working hours for each day of the week.
- Use an inclusive time group filter (for activities occurring during the time group periods) for each query or report that covers activity during normal working hours.
- Use an exclusive time group filter (activities not occurring during the time group periods) for each query or report covering activity outside of normal working hours.
One common use of time groups is as filter criteria in security rules, queries and reports. For example, time groups can be used to restrict the application of a rule to specific times and days of the week.
Time group filters can be either:
- Inclusive - Including all activities occurring during the time group periods
- Exclusive - Including all activities not occurring during the time group periods
Generally, an exclusive time group filter is indicated by placing an N (NOT) in the field immediately preceding the time group name field on the rule definition or query definition screen.
For example, you can use an exclusive time group filter to apply a rule to any time occurring outside of days and hours specified in the time group.
To create and modify time groups, select 31. Time Groups from the
The Define Time Groups screen appears:
| Define Time Groups Type options, press Enter. 1=Select 3=Copy 4=Delete Opt Time Group Description ALEXANDRA TEXT FOR ALEXANDRA ALON Special group ALONPP Special group ALON88 Special group CONF1 TEXT FOR CONF1 FRANCEWH SITE GROUP NEW TEXT FOR NEW VB123 Special group WORKHOURS Regular work hours WORKHOURS1 Regular work hours + 1 WORKHOURS2 Regular work hours + 2 WORKHOURS3 Regular work hours + 3 Bottom F3=Exit F6=Add new F8=Print list F12=Cancel |
Each line in the body of the screen refers to a single time group. After the standard Opt field, it shows a unique name for the Time Group and a free-form text Description.
To create a new time group, press the F6 key. The Add Time Group screen appears:
| Add Time Group Time Group . . . Description . . Type choices, press Enter From To From To Monday 0:00 0:00 0:00 0:00 Tuesday 0:00 0:00 0:00 0:00 Wednesday 0:00 0:00 0:00 0:00 Thursday 0:00 0:00 0:00 0:00 Friday 0:00 0:00 0:00 0:00 Saturday 0:00 0:00 0:00 0:00 Sunday 0:00 0:00 0:00 0:00 Note: If To is less than From it will be considered in the following day . Example: Monday 20:00 - 08:00 means Monday 20:00 till Tuesday 08:00. F3=Exit F12=Cancel F13=Repeat time F14=Clear time |
Enter a unique name for the time group in the Time Group field and a free-form description in the Description field.
The body of the screen has named lines for each day of the week.
Each line has two pairs of fields, with one named From and the other named To. Each pair specifies a time period during the day. For example, if workers had a shift from 8 AM to 5 PM, with a lunch break from noon to 1 PM, the line for each weekday would show times from 8:00 to 12:00 and from 13:00 to 17:00.
If the value of the To field is less than that of the From field, it signifies that the shift continues into the next calendar day. For example, an overnight shift From23:00To7:00 would run from 11 PM on that day through 7 AM on the next.
To repeat the entered times from the line containing the cursor to those for all other days, press the F13 (Shift+F1) key.
To clear the times from all the lines except for the one containing the cursor, press the F14 (Shift+F2) key.
Further Operations from the Define Time Groups Screen
To modify the times for an existing time group, enter 1 in the Opt field for that group. The Change Time Group screen appears, with the same set of fields as the Add Time Group screen.
To copy the settings from one time group to another, enter 3 in the Opt field for that group. The Copy / Replace Time-Group screen appears. The Time Group for the existing group appears in read-only From: fields. Enter the name of the new group in the To: Time Group field. If the group already exists, its settings are overwritten.
To delete a time group, enter 4 in the Opt field for that group. The Delete Time Group screen appears. Press Enter to confirm the deletion or the F12 key to cancel it.