Introduction
Registration
Pre-Requirements & Initial Troubleshooting
Getting Started
Administration Guide
Troubleshooting
Release Notes
Page

Powered by GitBook

On this page

Was this helpful?

Administration Guide

Rules & Policies

Artifact Classification

PreviousRules & Policies NextPolicy Management

Last updated 4 months ago

This page displays the classification rules that the portal is using for the classification of the artifacts. The users can create/edit/clone and edit/delete the rules, based on their requirements. The "priority" column means which rule will be executed last and which one is more important.

Query Based Classification: This section displays query-based classification rules. The users can create/edit/clone and edit/delete the rules, based on their requirements.

List Based Classification: This section displays list-based classifications. The users can create/edit/clone and edit/delete the lists, based on their requirements.

List Types Management: This section displays list types. The users can create a new list type or edit an existing one. For default, a global white list is enabled and it can exclude entries from the sysmon collection.