The QRadar® User Behavior Analytics (UBA) app supports use cases that are based on rules for certain behavioral anomalies.
UBA : Unauthorized Access
Enabled by default
True
Description
Indicates that unauthorized access activities were found.
Support rules
- BB:UBA: Common Event Filters
- BB:UBA: Access Denies
- BB:UBA: Application Denies
Log source types
Akamai KONA, Amazon AWS CloudTrail, Application Security DbProtect, Arbor Networks Pravail, Arpeggio SIFT-IT, Array Networks SSL VPN Access Gateway, Aruba Mobility Controller, Avaya VPN Gateway, Barracuda Spam & Virus Firewall, Barracuda Web Application Firewall, Barracuda Web Filter, Bit9 Security Platform, Blue Coat Web Security Service, BlueCat Networks Adonis, Bridgewater Systems AAA Service Controller, Brocade FabricOS, CA ACF2, CA SiteMinder, CRE System, Carbon Black Protection, Centrify Server Suite, Check Point, Cilasoft QJRN/400®, Cisco AOS, Cisco Adaptive Security Appliance (ASA), Cisco CSA, Cisco Call Manager, Cisco CatOS for Catalyst Switches, Cisco IOS, Cisco Identity Services Engine, Cisco Intrusion Prevention System (IPS), Cisco IronPort, Cisco Nexus, Cisco PIX Firewall, Cisco Wireless Services Module (WiSM), Citrix NetScaler, Configurable Firewall Filter, CorreLog Agent for IBM® zOS, Custom Rule Engine, DCN DCS/DCRS Series, DG Technology MEAS, EMC VMWare, Enterasys Matrix K/N/S Series Switch, Enterasys XSR Security Routers, Epic SIEM, Event CRE Injected, Extreme Dragon Network IPS, Extreme Stackable and Standalone Switches, F5 Networks BIG-IP AFM, F5 Networks BIG-IP ASM, Fidelis XPS, Flow Classification Engine, Forcepoint V Series, Fortinet FortiGate Security Gateway, Foundry FastIron, H3C Comware Platform, HP Network Automation, HP Tandem, Honeycomb Lexicon File Integrity Monitor, Huawei S Series Switch, HyTrust CloudControl, IBM AIX® Server, IBM DB2®, IBM DataPower®, IBM Fiberlink® MaaS360®, IBM Guardium®, IBM IMS, IBM Lotus® Domino®, IBM Proventia Network Intrusion Prevention System (IPS), IBM Resource Access Control Facility (RACF®), IBM Security Access Manager for Mobile, IBM Security Identity Manager, IBM Security Network IPS (GX), IBM Tivoli® Access Manager for e-business, IBM WebSphere® Application Server, IBM i, IBM z/OS®, IBM zSecure Alert, ISC BIND, Illumio Adaptive Security Platform, Imperva Incapsula, Imperva SecureSphere, Juniper Junos OS Platform, Juniper Networks Firewall and VPN, Juniper Networks Intrusion Detection and Prevention (IDP), Juniper Networks Network and Security Manager, Juniper WirelessLAN, Juniper vGW, Kaspersky Security Center, Kisco Information Systems SafeNet/i, Lieberman Random Password Manager, Linux® DHCP Server, Linux OS, Linux iptables Firewall, Mac OS X, McAfee Firewall Enterprise, McAfee IntruShield Network IPS Appliance, McAfee Web Gateway, McAfee ePolicy Orchestrator, Microsoft DHCP Server, Microsoft Exchange Server, Microsoft IAS Server, Microsoft IIS, Microsoft ISA, Microsoft Office 365, Microsoft Operations Manager, Microsoft SQL Server, Microsoft Windows Security Event Log, NCC Group DDoS Secure, Nortel Contivity VPN Switch, Nortel Multiprotocol Router, Nortel VPN Gateway, OS Services Qidmap, OSSEC, Okta, Open LDAP Software, OpenBSD OS, Oracle Audit Vault, Oracle BEA WebLogic, Oracle Database Listener, Palo Alto PA Series, PostFix MailTransferAgent, ProFTPD Server, Proofpoint Enterprise Protection/Enterprise Privacy, Pulse Secure Pulse Connect Secure, RSA Authentication Manager, Radware AppWall, Radware DefensePro, Riverbed SteelCentral NetProfiler Audit, SSH CryptoAuditor, STEALTHbits StealthINTERCEPT, Solaris Operating System Authentication Messages, Solaris Operating System DHCP Logs, SonicWALL SonicOS, Sophos Astaro Security Gateway, Sophos Enterprise Console, Sophos Web Security Appliance, Squid Web Proxy, Stonesoft Management Center, Sun ONE LDAP, Symantec Critical System Protection, Symantec Endpoint Protection, Symantec Gateway Security (SGS) Appliance, Symantec System Center, Symark Power® Broker, TippingPoint Intrusion Prevention System (IPS), TippingPoint X Series Appliances, Top Layer IPS, Trend InterScan VirusWall, Trend Micro Deep Security, Universal DSM, Venustech Venusense Security Platform, Vormetric Data Security, WatchGuard Fireware OS, Zscaler NSS, genua genugate, iT-CUbe agileSI