get_outliers_detection_info

Use this command to output whether outliers detection is enabled, whether it applies to DAM or FAM, the user mode, when learning started, and the factory and current settings for the outliers parameters.

This API is available in Guardium V9.5 and later.

GuardAPI syntax

get_outliers_detection_info parameter=value

Parameters

Parameter: api_target_host
Value type: String
Description: Specifies the target hosts where the API executes. Valid values:
  • all_managed: execute on all managed units but not the central manager
  • all: execute on all managed units and the central manager
  • group:<group name>: execute on all managed units identified by <group name>
  • host name or IP address of a managed unit: specified from the central manager to execute on a managed unit. For example, api_target_host=10.0.1.123.
  • host name or IP address of the central manager: specified from a managed unit to execute on the central manager. For example, api_target_host=10.0.1.123.

IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode.

Examples

All parameters are described in set_outliers_detection_parameter.

To get the outliers detection parameter settings for the Guardium system on which you are logged in, enter:

grdapi get_outliers_detection_info
Sample output:
Analytic anomaly detection is enabled. (DAM)
Learning since: 2020-01-12 12:03:18

Factory settings
-----------------
alertsPerDay=24.0
budgetTrainingDays=14
cleanupKeepDays=90
clusteringScheduleIntervals=24
debugMode=false
demoMode=0
intervalAlertsThreshold=0.99
maxMessageAlertsSampleSizePerAlertType=5
maxMessageAlertsTopScores=20
messageAlertsThreshold=0.9
minDaysForAlerts=7
minNumIntervalsForFirstClustering=168
minNumIntervalsForIntervalScorers=20
minNumIntervalsForMessageScorers=20
nanny.duration.analysis=60m
nanny.duration.clean=30m
nanny.duration.maintenance=2h
nanny.duration.reconfig=5m
numOfAnalyzeThreads=-1
privUsersGroup=Admin Users
runCaseAnalysis=true
sensitiveFileGroup=Sensitive Files
sensitiveObjectGroup=Sensitive Objects

Current
-----------------
alertsPerDay=100
budgetTrainingDays=14
cleanupKeepDays=90
clusteringScheduleIntervals=1
debugMode=false
demoMode=1
intervalAlertsThreshold=0.5
maxMessageAlertsSampleSizePerAlertType=5
maxMessageAlertsTopScores=20
messageAlertsThreshold=0.9
minDaysForAlerts=0
minNumIntervalsForFirstClustering=1
minNumIntervalsForIntervalScorers=2
minNumIntervalsForMessageScorers=2
nanny.duration.analysis=60m
nanny.duration.clean=30m
nanny.duration.maintenance=2h
nanny.duration.reconfig=5m
numOfAnalyzeThreads=-1
privUsersGroup=Admin Users
runCaseAnalysis=true
sensitiveFileGroup=Sensitive Files
sensitiveObjectGroup=Sensitive Objects
ok
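
The following added example (not part of the IBM documentation) parses the output format shown above and lists every parameter whose current value differs from its factory setting, which is useful when auditing whether outlier detection is still running with its defaults. The function names and the abridged sample input are assumptions made for the example.

```python
# Abridged copy of this page's sample output (constructed input for the example).
SAMPLE = """\
Analytic anomaly detection is enabled. (DAM)
Learning since: 2020-01-12 12:03:18

Factory settings
-----------------
alertsPerDay=24.0
demoMode=0
minDaysForAlerts=7
privUsersGroup=Admin Users

Current
-----------------
alertsPerDay=100
demoMode=1
minDaysForAlerts=0
privUsersGroup=Admin Users
ok
"""

SECTIONS = {"Factory settings": "factory", "Current": "current"}

def parse_settings(text):
    """Return {'factory': {...}, 'current': {...}} from the command output."""
    blocks, section = {"factory": {}, "current": {}}, None
    for line in map(str.strip, text.splitlines()):
        if line in SECTIONS:
            section = SECTIONS[line]
        elif section and "=" in line:
            key, value = line.split("=", 1)  # values may contain spaces
            blocks[section][key] = value
    return blocks

def norm(value):
    """Compare numbers numerically so 24.0 and 24 are not reported as drift."""
    try:
        return float(value)
    except (TypeError, ValueError):
        return value

def drift(blocks):
    """Return {parameter: (factory, current)} for each setting that differs."""
    fac, cur = blocks["factory"], blocks["current"]
    return {k: (fac.get(k), cur.get(k)) for k in sorted(set(fac) | set(cur))
            if norm(fac.get(k)) != norm(cur.get(k))}

if __name__ == "__main__":
    for name, (f, c) in drift(parse_settings(SAMPLE)).items():
        print(f"{name}: factory={f} current={c}")
```

A parameter that appears in only one of the two blocks is reported with None on the missing side.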