Use this setting to specify business hours in your organization. Activity happening outside this time frame will be flagged.
- Navigate to Settings → Business Hours and enable the Configure Business Hours option.
- Use the drop-down to determine the start and end of the working day.
- Select the working days from the drop-down.
- Click Save.
- Navigate to Settings → Personalize Settings.
- Select the desired date/time format using the drop-down.
- Navigate to Settings → Privacy Settings
- Enable the Enforce GDPR Compliance option if you are required to comply with the GDPR. Enabling this option will increase your privacy by masking your IP, email addresses, etc.
- Select the Help us improve the product by sending usage statistics option If you would like to share your usage statistics.
- Select Enable password protection option for redistributed and exported reports if you would like to password protect the reports sent via email or exported in PDF, XLS, CSV and XLS formats.
- Enter and confirm the password.
Follow the steps below to create technicians in Log360 UEBA.
- Navigate to Settings → Technicians.
- Click Add New Technician.
- Enter a login name and password, re-enter the password, and select the role you wish to assign to the technician.
- Click Add.
Follow the steps below to set up the mail server and receive notifications from Log360 UEBA.
- Navigate to Settings → Server Settings.
- Enter the mail server name and port, choose the protocol that will be used to establish a secure connection, and specify the sender's and admin's email address.
- Enable the Licence Expiry and Application Downtime notification options, if you wish to receive emails informing you of these events.
- Click Save.
Follow the steps below to add users from a domain for monitoring.
- Navigate to Settings → Domain Settings.
- Click Configure Domain. Enter the Domain name, Domain Controller name, Username, and Password, and set the Sync Scheduler. The value set for Sync Scheduler is when the product retrieves domain user data to check for updates. By default, the product does this at 02.00 hrs every day.
- Click Save. Once the domain is added, users from the domain are automatically imported for monitoring.
Risk Score Customization
You can customize the risk score based on the category, weight and decay factor of the anomaly.
This value denotes the importance of an anomaly based on its type and the user. This value can be customized.
This value denotes the reduction in the value of recorded anomaly information with time. The information loses its credibility if it isn't used properly.
You can add new card groups or remove existing cards based on the requirements of the organization.
- Navigate to Settings → Risk Score Customization.
- Enter the required weight and decay factor values. You can add child groups to the cards and specify the anomalies to be included in them. You can also specify their weight and decay factor values.
- Click Update.