Chatee ahora con Soporte
Chat con el soporte

Security Analytics Engine 1.2 - User Guide

Security Analytics Engine Overview Plugins Conditions Shared Policies Applications Auditing Issued Alerts Policy Overrides Fallback Password

Managing overrides on the Policy Overrides page

From the Policy Overrides page, you can manage the overrides originally created on the Auditing page.

IMPORTANT: Policy overrides must first be created on the Auditing page by selecting specific audit events. See Auditing page for more information.

NOTE: In cases where overrides have been disabled for a risk policy, the risk score is always reported regardless of whether there is an override in place for the user.

IMPORTANT: Since adding an override causes the Security Analytics Engine to return a risk score of 0, alerts will not be sent for the user until the override has expired.

See the following sections for more information:

Editing a policy override on the Policy Overrides page

IMPORTANT: Policy overrides must first be created on the Auditing page by selecting specific audit events. See Auditing page for more information.

NOTE: In cases where overrides have been disabled for a risk policy, the risk score is always reported regardless of whether there is an override in place for the user.

IMPORTANT: Since adding an override causes the Security Analytics Engine to return a risk score of 0, alerts will not be sent for the user until the override has expired.

To edit a policy override

  1. From the left pane, click Policy Override.
  2. Select the override to edit and click Edit to open the Modify Override dialog. For information on locating a specific override, see Filtering data on the Administration web site.
  3. The following information is displayed for the override:
    • Last Updated By: <nn> - The username of the administrator or help desk operator that last created or modified the override.

      NOTE: This field cannot be edited.
    • User Name - The name of the user to whom the override applies.

      NOTE: This field cannot be edited.
    • Browser ID - The browser ID to which the override applies.
    • User Address - The IP address to which the override applies.
    • Expires In - The time left before the override expires. The override must be in effect a minimum of 30 minutes.
  4. Click the Save button to save the changes to the override and close the dialog. The changes to the override are now in effect and alerting is still stopped for the user the specified expiration time.

Deleting a policy override on the Policy Overrides page

To delete a policy override

  1. From the left pane, click Policy Override.
  2. On the Policy Override page, use one of the following methods to delete a policy override:
    • Click the Edit button associated with the override to open the Modify Override dialog. Click the Delete button.
    • Select an override from the table, then click the Delete Selected Overrides button.

      NOTE: Use the Shift or Ctrl keys to select multiple overrides for deletion.
  3. A dialog displays confirming that you want to delete the selected override(s). Click the Delete button. Risk scores will now be reported and alerting will be enabled for the user.

Fallback Password

Topics:
Documentos relacionados

The document was helpful.

Seleccionar calificación

I easily found the information I needed.

Seleccionar calificación