Alerting: Deployment Panel

Document created by RSA Information Design and Development on Sep 12, 2017Last modified by RSA Information Design and Development on Sep 12, 2018
Version 8Show Document
  • View in full screen mode
 

ESA deployments map rules from your rule library to the appropriate ESA Services and data sources. The Deployment panel (CONFIGURE > ESA Rules > Rules tab) enables you to create and configure ESA deployments that specify:

  • ESA Services
  • ESA Rules

When you are ready to start aggregating data and generating alerts from an ESA deployment, you deploy the ESA deployment to activate it.

What do you want to do?

                       
Role I want to ...Show me how
Content Expert

Add a deployment.

Deployment Steps

Content Expert

Manage deployments.

Additional Deployment Procedures

Related Topics

Deployment Panel

The following figure shows the Deployment panel.
Rules Tab Deployment Panel

ESA Services

In the ESA Services section, you can manage each ESA service in the deployment.

The following table describes the actions you can perform in the ESA Services section.

                    
TaskDescription
Add icon Adds an ESA service to the deployment. 
Delete icon Removes the selected ESA service from the deployment.

The following table describes the columns in the ESA Services section.

                               
TitleDescription
StatusIndicates if the deployment status is AddedDeployedUpdated, or Failed.
NameName of the ESA service.
AddressIP address of the host where the ESA service is installed.
VersionVersion of the ESA service.
Last Deployment DateThe date and time when the ESA service was last deployed.

Deployment Options

There are two deployment options below the Services section. These options apply to the entire ESA deployment.

The following table describes these deployment options.

                    
TaskDescription
Show UpdatesEnables you to view a history of updates to the deployment.
Deploy NowActivates the ESA deployment. The selected ESA service starts aggregating data and generating alerts using the specified ESA rules in the deployment. You need to add ESA Rules to the deployment before deploying the ESA deployment.

ESA Rules

In the ESA Rules section, you manage rules in the deployment. This section lists all rules that are currently in the deployment. 

The following table describes the actions you can perform in the ESA Rules section.

                            
TaskDescription
Add icon Opens the Deploy ESA Rules dialog, where you can select a rule.
Delete icon Removes the selected ESA rules from the deployment.
Filter icon Filters the list of rules.
Search field Enables you to search for a rule.

The following table describes the columns in the ESA Rules section.

                                     
TitleDescription
StatusIndicates the rule status:
  • Deployed - the rule is deployed.
  • Updated - the rule has been updated since the last deployment.
  • Added - the rule has been added since the last deployment.
  • Failed - the deployment failed.
Rule NameDescribes the purpose of the ESA rule.
Trial RuleIndicates whether the rule is Deployment mode to see if the rule runs efficiently.
SeverityShows the threat level of alert triggered by the rule.
TypeShows the type of the ESA rule: Rule Builder, Advanced EPL, or RSA Live ESA (Downloaded from RSA Live).
Email, SNMP, Syslog, ScriptIndicates which notification types are used for alerts generated by the rules.
Last ModifiedShows the date and time when the ESA rule was last modified.

 

Previous Topic:Rule Library Panel
You are here
Table of Contents > ESA Alert References > RulesTab > Deployment Panel

Attachments

    Outcomes