Alerting: Rule Library Panel

Document created by RSA Information Design and Development on Sep 12, 2017Last modified by RSA Information Design and Development on Oct 10, 2017
Version 5Show Document
  • View in full screen mode
 

The Rule Library panel allows you to manage rules.

What do you want to do?

                                 
Role I want to ...Show me how
Content ExpertAdd an ESA rule.

Add a Rule Builder Rule

Content ExpertEdit, duplicate, or delete an ESA rule.Edit, Duplicate or Delete a Rule
Content ExpertImport or export ESA rules.

Import or Export Rules

Content ExpertFilter the ESA rules list.

Filter or Search for Rules

Related Topics

Rule Library Panel

To access this view, go to CONFIGURE > ESA Rules. The Rules tab is displayed and the Rule Library panel is on the right.

The following figure shows the Rule Library panel.

Rule Library Panel

The Rule Library panel includes the following components:

  • Rule Library toolbar
  • Rule Library list

Rule Library Toolbar

The Rule Library toolbar allows you to add, delete, edit, duplicate, filter, export, and import ESA rules. The following figure shows the icons for these actions.

Rule Library toolbar

Rule Library List

The following figure shows the Rule Library list.

Rule Library List

The Rule Library list shows all the ESA rules that have been downloaded from RSA Live or created in the Advanced EPL and Rule Builder tabs. The following table lists the columns in the Rule Library list and their description.

                                      
ColumnDescription
Rule NamePurpose of the ESA rule.
DescriptionSummary of what the ESA rule detects.
Trial RuleDeployment mode to see if the rule runs efficiently.
TypeThe type of rule.
Actions
(Actions icon)
Menu to delete, edit, duplicate, or export the selected rule.
SeverityThreat level of alert triggered by the rule.
EmailIndicates whether an alert notification for the rule is sent by email. This column is not visible by default.
SnmpIndicates whether an alert notification for the rule is sent using SNMP. This column is not visible by default.
SyslogIndicates whether an alert notification for the rule is sent using Syslog. This column is not visible by default.
ScriptIndicates whether an alert notification for the rule executes a script. This column is not visible by default.
Last ModifiedThe date and time when the ESA rule was last modified. This column is not visible by default.

To display columns which aren't visible by default, hover over the title of a column and click the v on the right. This opens a drop-down menu in which you can sort the contents of the column or choose which columns you want to see in the Rule Library list.

Column Menu options

Previous Topic:Options Panel
Next Topic:Deployment Panel
You are here
Table of Contents > ESA Alert References > RulesTab > Rule Library Panel

Attachments

    Outcomes