This panel can be viewed by selecting Alerts > Configure in the Security Analytics menu. The Rules tab is displayed automatically, and the Rule Library view is on the right.
You can perform the following tasks using the Rule Library view:
- Add an ESA rule
- Delete an ESA rule
- Edit an ESA rule
- Duplicate an ESA rule
- Import ESA rules
- Export an ESA rule
- Filter the ESA rules list
To access this view, in the Security Analytics menu, select Alerts > Configure. The Rules tab is displayed and the Rule Library view is on the right.
The following figure shows the Rule Library view.
The Rule Library view includes the following components:
- Rule Library toolbar
- Rule Library list
Rule Library Toolbar
The Rule Library toolbar allows you to add, delete, edit, duplicate, filter, export, and import ESA rules. The following figure shows the icons for these actions.
Rule Library List
The following figure shows the Rule Library list.
The Rule Library list shows all the ESA rules that have been downloaded from RSA Live or created in the Advanced EPL and Rule Builder tabs. The following table lists the columns in the Rule Library list and their description.
To display columns which aren't visible by default, hover over the title of a column and click the v on the right. This opens a drop-down menu in which you can sort the contents of the column or choose which columns you want to see in the Rule Library list.