UEBA : Large Outbound Transfer by High Risk User
The QRadar® User Entity Behavior Analytics (UEBA) app supports use cases based on rules for certain behavioral anomalies.
UEBA : Large Outbound Transfer by High Risk User
Enabled by default
False
Default senseValue
15
Default senseValueSource
15
Default senseValueDestination
15
Description
Detects an outbound transfer of 200,000 bytes or more by a high risk user.
Support rules
BB:UBA : Common Event Filters