Help Center
File Audit Endpoint Security File Analysis Risk Analysis Release NotesQuick Start
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting datasecurity plus
- Launching datasecurity plus
- Configuring your solutions
Setting up File Audit
Dashboard
Reports
Alerts
Incidents
Advanced configurations
- Predefined audit reports
- Creating new audit reports
- Creating new alert profiles
- Creating new incident profiles
- Configuring exclusion-based settings
- Configuring retention and archive settings
Setting up Endpoint Security
Reports
Advanced configurations
- Predefined policies
- Creating new policies
- Predefined audit profiles
- Creating new audit profiles
- Predefined incident profiles
- Creating a new incident
- Exclude configuration
Setting up File Analysis
Dashboard
Reports
Incidents
Configuration
Setting up Data Risk Assessment
DashboardReports
Advanced configuration
- Predefined policies
- Creating new policies
- Predefined rules
- Creating new rules
- Creating new incident profiles
- Scan configuration
About DataSecurity Plus
How-To
Quick Start File Audit Endpoint Security Risk Analysis File Analysis About DataSecurity Plus Release notes Contact usContact us
2019
2018
2017
2016
2015
Account Logon » Default Port Configuration
Configuring a new incident
To configure events as incidents in the File Analysis module:
- Go to the File Analysis tab > Configuration.
- On the left-hand menu, go to Settings > Incident Configuration.
- Click the Create Incident button in the top-right corner.
- On the next page, name and describe the new incident.
- From the drop-down, classify the incident based on Severity.
- Under Criteria, provide details on the event to be configured as an incident with the Include configuration.
- To narrow down the reports and reduce false positives, you can choose to add details in the Exclude configuration tab.
- Once you have described the criteria to classify an event as an incident, you can configure a suitable response to the incident under the Response tab.
- Once you have chosen one or multiple responses, click Save.
Tip:Scripts are by far the most underrated response strategy. You can run scripts to shut down servers, end user sessions, disable accounts, and much more. Do you want to request a custom response? Get in touch with our support team.