Chatee ahora con Soporte
Chat con el soporte

Security Analytics Engine 1.2 - User Guide

Security Analytics Engine Overview Plugins Conditions Shared Policies Applications Auditing Issued Alerts Policy Overrides Fallback Password

Filtering the issued alerts

NOTE: Issued alerts follow the same retention settings as audit events.

The following procedure explains how to filter the alerts displayed in the Issued Alerts table. By default, the issued alerts for the current date are displayed.

To filter issued alerts

NOTE: Refreshing the screen removes filtering and returns the Issued Alerts page to its default settings.
  1. From the left pane, click Reports to open the Reports page.
  2. From the Reports page, click Issued Alerts to open the Issued Alerts page.
  3. In the From field, click anywhere in the field to display a calendar and select the start date. You can also manually edit the date in the field (mm/dd/yyyy).
  4. In the To field, click anywhere in the field to display a calendar and select the end date. You can also manually edit the date in the field (mm/dd/yyyy).
  5. In the Application(s) field, select to display alert information for all applications or a specific application.
  6. In the Max Records field, set the maximum number of records (1 to 10000) to return for the search. By default, this is 1000 records.
  7. Click the Search button to update the Issued Alerts table.
  8. To further filter the list of issued alerts, use the buttons to the right of each column heading. For more information, see To filter data.

Policy Overrides

Topics:

Introduction to overrides

The Policy Overrides page is used for viewing and managing all policy overrides that are currently in effect. These overrides must first be created using the Auditing page (see Adding a policy override for more information).

Policy Overrides page

This page allows you to view and manage override policies. The following information and buttons are displayed for each policy override:

User Name

The name of the user to whom the override applies.

User Address

The IP address of the user to which the override applies. This column appears blank if no user address is specified in the override.

Browser ID

The browser ID to which the override applies. This column appears blank if no browser ID is specified in the override.

Expiration

The date and time that the policy override expires. Once this date and time has been reached, the override no longer appears listed and the user will again be evaluated according to an application’s risk policy. The date and time are displayed according to the local time zone.

Countdown

Displays the time left before the override expires. Refresh the page to update the countdown.

Last Updated By

The username of the administrator or help desk operator that created or last edited the override.

Edit

Click this button to edit the selected override.

The following button appears at the bottom of the Policy Overrides page:

Delete Selected Overrides

Click this button to delete selected overrides. Once an override is deleted it will no longer be in effect for the user.

Documentos relacionados

The document was helpful.

Seleccionar calificación

I easily found the information I needed.

Seleccionar calificación