Outbound Transfer Attempts
The Outbound Transfer Attempts machine learning model monitors outbound traffic usage for each user and alerts on abnormal behavior.
Enable the Outbound Transfer Attempts model to display outbound traffic usage for each user on the User Details page. When the actual number of transfer attempts exceeds the model’s predicted number, a Sense Event is generated to increase the user’s risk score.
Event name
UBA : Abnormal Outbound Transfer Attempts
sensevalue
5
Required configuration
Custom event property Bytes Sent must exist for the desired log source type.
Log source types
Pulse Secure Pulse Connect Secure, Fortinet FortiGate Security Gateway, Blue Coat SG Appliance, Juniper SRX Series Services Gateway, Microsoft ISA, Citrix NetScaler