This topic introduces the Security Analytics user interface and arguments for correlation rules.
The main Rules Tab section describes the toolbar common to all types of rules. This section introduces the user interface and arguments for basic correlation rules.
You can access this view by doing the following:
- In the Security Analytics menu, select Administration > Services.
- Select a service and >View > Config.
The Config view for the selected service is displayed.
- Click the Correlation Rules tab.
This is an example of the Correlation Rules tab.
This is an example of the Rule Editor dialog for a correlation rule.
The following table describes the Correlation rules and options.
The Rule Editor dialog provides the fields and options needed to define a network rule. The fields correspond exactly to the grid columns.
|Reset||Resets the contents of the dialog to their values before editing; changes are discarded.|
|Validate||Validates that the rule syntax is correct.|
|Cancel||Cancels any edits and closes the Rule Editor Dialog.|
|OK||Saves the new rule or edited rule, and adds it to the rules grid. The Rule Editor Dialog closes.|