Creating a Rule from Search
With the search result displayed in Analytics, follow the steps below to create a rule:
- From the Actions drop-down, select Create Rule.
- A rule template is automatically created by copying over the important Search parameters:
  - Rule Sub-pattern Filters contain the Search Filter conditions.
  - Rule Sub-pattern Group By contains the Search Display conditions.
  - Rule Aggregate Conditions are set to COUNT(Matched Events) >= 1, so the rule triggers on a single matching event.
- To complete the rule, do the following:
  - Enter the Rule Name.
  - Enter the Description.
  - Set the appropriate Severity.
  - Select the Function.
  - Adjust the Sub-pattern definition and Action.
  - Click OK.