Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Custom Policy Violation - Aggragate By User

    Posted 01-21-2021 09:02
    Hi All,
    We have set up several Custom Policy Violations and we want to aggregate them By user name and not by Source IP.
    Please help, I didn't found any where in the documentation how to do it.

    Regards,
    Oded
    #DatabaseActivityMonitoring

    ------------------------------
    Oded Raz
    Brillix
    ------------------------------


  • 2.  RE: Custom Policy Violation - Aggragate By User

    Posted 02-23-2021 19:06
    Edited by Orkun Utku 02-23-2021 19:06

    Hello Oded,

    As far as I understand you have aggregated them by source IP. Am I right?

    First of all do you see users in the violations? If you see you have the chance to filter them by User Name.

    You can check below given link

    https://docs.imperva.com/bundle/v14.1-database-activity-monitoring-user-guide/page/1055.htm

     

    As you know similar violations are analyzed, correlated and assigned to alerts. Please have a look at the link given below.

    https://docs.imperva.com/bundle/v13.6-database-activity-monitoring-user-guide/page/1024.htm

     
    Hope it answers your question.

    Best Regards



    ------------------------------
    Orkun Utku
    Customer Success Manager
    Belfast
    ------------------------------