|Applies To||RSA Product Set: Web Threat Detection|
RSA Product/Service Type: Forencics
RSA Version/Condition: All
|Resolution||Overview of the elements of user/guid mapping in WTD|
A guid must be present in the web session traffic. The guid must be unique and present throughout the session, it can change within the session and such changes can be followed by a guidFollower (see below)
guid is defined as an attribute containing the GUID which will be read from the txn.
next-guid is an attribute to hold the next GUID when it changes during a session, read from the txn
guidOut is an attribute to hold the GUID which will be written into the txn.
prevGuidOut is an attribute to hold the previous GUID (in a GUID following sense) which will be written into the txn.
userOut is an attribute to hold the user which will be written into the txn.
user-from-login is an attribute which (in this example) hold the user id read from the transaction.
Silver Surfer is responsible for the user mapping and must be configured with the above attributes in it mapping section where it needs the relation of the above attributes to be defined along with the guidFollower
The login section defines where and when to find the user id in the session, this is usually only found at login for example.
guidFollower - Defines a relationship between two attributes containing GUID values, in which one represents the current value and the other represents the next value. Uses guid and next-guid (above)