Help CenterFile Audit Endpoint Security File Analysis Risk Analysis Release Notes
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting datasecurity plus
- Launching datasecurity plus
- Configuring your solutions
Setting up File Audit
- Predefined audit reports
- Creating new audit reports
- Creating new alert profiles
- Creating new incident profiles
- Configuring exclusion-based settings
- Configuring retention and archive settings
Setting up Endpoint Security
Setting up File Analysis
Setting up Data Risk AssessmentDashboard
About DataSecurity Plus
How-ToQuick Start File Audit Endpoint Security Risk Analysis File Analysis About DataSecurity Plus Release notes Contact us
Configuring a new incident
To configure events as incidents in the File Analysis module:
- Go to the File Analysis tab > Configuration.
- On the left-hand menu, go to Settings > Incident Configuration.
- Click the Create Incident button in the top-right corner.
- On the next page, name and describe the new incident.
- From the drop-down, classify the incident based on Severity.
- Under Criteria, provide details on the event to be configured as an incident with the Include configuration.
- To narrow down the reports and reduce false positives, you can choose to add details in the Exclude configuration tab.
- Once you have described the criteria to classify an event as an incident, you can configure a suitable response to the incident under the Response tab.
- Once you have chosen one or multiple responses, click Save.
Tip:Scripts are by far the most underrated response strategy. You can run scripts to shut down servers, end user sessions, disable accounts, and much more. Do you want to request a custom response? Get in touch with our support team.