Network Forensics & Security Analytics

 View Only

Security Analytics: Use Labels in Central Manager for better management and easier investigations.  

Aug 27, 2019 05:15 PM

In the Security Analytics Central Manager, you can use Labels as a great way to tag, organize, and create useful groups of Security Analytics sensors for easier management and investigation.

 

Here’s an example. A multi-national company with multiple sensors around the world wants to group their Security Analytics sensors by geographic location. They have 10 sensors in Asia, 15 in the US, and 7 in Europe. With minimal work, Asia, US, and Europe labels can be added to the appropriate sensors to simplify management. By filtering on those labels, reporting, threat hunting, and sensor management is a breeze. Here are some quick steps to set it up:

 

 

1. From the Central Management Console (CMC), go to the Sensors tab and use the Actions menu.

2. Add one or more labels to any number of sensors. This allows easy and arbitrary groupings.

3. Once labeled, sensors can be filtered from the CMC menu or from the Advanced Filter

 

Additional documentation on CMC Labels is found under View Multiple Sensors.

 

https://origin-symwisedownload.symantec.com/resources/webguides/security_analytics/ENG/80/Content/_CMC/multiple-sensor_environment.htm#View_Multiple_Sensors

 

All labels can be accessed via the API as well. This allows for quick labeling of many sensors.

https://origin-symwisedownload.symantec.com/resources/webguides/security_analytics/ENG/80/Content/_Reference/api/apis/central-mgr-api.htm

Statistics
0 Favorited
3 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.