Creating a rule¶
Each rule can be enabled or disabled anytime. When a rule is enabled, the system will automatically onboard or send to quarantine matching accounts according to the given rule actions. The rules apply to just discovered accounts but not to the accounts that are already onboarded or sent to quarantine by the rules. In practice, it means that after a particular rule is changed, its actions will be applied to the accounts that were discovered after the changes are saved.
In order to create a rule, proceed as follows:
- Select > >
- Click
- Enter rule’s name.
- Optionally, enter rule’s description.
- In Configuration section:
5.1. Select Account category (
privileged
,non-privileged
orall
).5.2. In the Account name field select
consists
,starts with
orends with
and provide a specific string for the target account name(s).5.3. Define Actions:
5.3.1. Send to quarantine or
5.3.2. Onboard by adding the discovered accounts to the Safe and/or Listener. Please note that listeners with bastion mode are supported only.
- Click .
Related topics: