I have to migrate alerts to Envision to Security Analytics and i have
doubts, about it.How can I add?cache set: Name = user1 and Variable
Associate With = usernamefilter set: variable = username comparasion =
IN cache value = user1 Thanks
If you see the screenshots,there is a field CACHE SET with sourceIP
associate with variable client_ip. 2016-11-03 16:00 GMT+01:00 Naushad
Kasu :
Re: How to create
alert with variable set and filter set? reply from Naushad
Kasuin
RSA NetWitness Suite ...
Sorry, a question more. I have to definite SourceIP, could be: create
variable string sourceIp; Is correct?? 2016-11-03 15:54 GMT+01:00 Elena
Maria : Ok, thanks for all. Elena 2016-11-03
15:52 GMT+01:00 Naushad Kasu : >> >>
>> Re: How to create
alert...
Ok, thanks for all. Elena 2016-11-03 15:52 GMT+01:00 Naushad Kasu
:
Re: How to create
alert with variable set and filter set? reply from Naushad
Kasuin
RSA NetWitness Suite - View the full
discussion
Sorry and thanks. 2016-11-03 15:42 GMT+01:00 Naushad Kasu
:
Re: How to create
alert with variable set and filter set? reply from Naushad
Kasuin
RSA NetWitness Suite - View the full
discussion
I have something like that: Cache SetName Associate With
VariableSourceIP client_ipDevice SetDevice Group Name
OperatorWebServersEvent SetEvent Type/Device Type Comparison Value/Mask
OperatorEvent Category/apachewebuds IN Content.Web TrafficFilter
Se...
