IBM Guardium


Outlier Detection

  • 1.  Outlier Detection

    Posted Tue May 26, 2020 12:31 PM
    Hi all,

    Anyone with Guardium Outlier Detection experience that can share here with us?
    Does this really work?  What were the problems detected during the implementation?

    Thanks,
    Rodrigo

    ------------------------------
    Rodrigo Xavier
    ------------------------------


  • 2.  RE: Outlier Detection

    Posted Mon June 15, 2020 12:28 AM
    Hi,

    Yes, it is in use by many customers.
    I am not allowed to share examples of findings.
    It is in use to review and investigate the findings. In most cases the findings are distributed among people (using the Audit Process), and customers are using the "User Feedback" to eliminate data elements from future analysis, i.e., to remove objects (tables) like temporary objects that cause "white noise" (usually by wildcard), and likewise to eliminate servers and/or users.
    The best practice is to have an Audit Process in place for the outcome and to assign it automatically to people to review and investigate.


    ------------------------------
    ODED SOFER
    ------------------------------



  • 3.  RE: Outlier Detection

    Posted Mon June 15, 2020 04:11 PM
    Hi Oded,

    Thanks for your answer.
    But did you have any problems enabling it and starting to receive events in outlier?  Something that you can remember and share?
    Did everything you did to enable the outlier work immediately?

    Thanks again,
    Rodrigo Xavier

    ------------------------------
    Rodrigo Xavier
    ------------------------------



  • 4.  RE: Outlier Detection

    Posted Tue June 16, 2020 03:51 AM
    Hello,
    There is a document that explains how to enable and how to troubleshoot.
    If you need help with a specific case, let me know and I will assign someone to work with you.
    I will be glad to help.

    ------------------------------
    ODED SOFER
    ------------------------------



  • 5.  RE: Outlier Detection

    Posted Tue June 16, 2020 08:18 AM
    Hi Oded,

    Can you share this document?

    Regards,
    Rodrigo Xavier

    ------------------------------
    Rodrigo Xavier
    ------------------------------



  • 6.  RE: Outlier Detection

    Posted Wed June 17, 2020 04:29 AM
    Hi Rodrigo

    See outlier detection in the knowledge center. It describes enabling and fine tuning outlier detection, and an overview of outliers in the investigation dashboard.

    Jill

    ------------------------------
    JILL GOLDBERG
    ------------------------------



  • 7.  RE: Outlier Detection

    Posted Wed June 17, 2020 07:48 AM
    Hi Jill,

    Thank you!

    Regards,
    Rodrigo

    ------------------------------
    Rodrigo Xavier
    ------------------------------



  • 8.  RE: Outlier Detection

    Posted Mon June 22, 2020 06:11 AM
    Hi Rodrigo,

    Please let me know if you need further assistance enabling outliers, configuring or understanding the results.

    Regards,
    Miri Levy
    Guardium


    ------------------------------
    MIRI LEVY
    ------------------------------



  • 9.  RE: Outlier Detection

    Posted Mon June 22, 2020 10:30 AM
    Hi Levy,

    Thank you.  I'll let you know if I need further assistance.

    Best regards,
    Rodrigo Xavier

    ------------------------------
    Rodrigo Xavier
    ------------------------------



  • 10.  RE: Outlier Detection

    Posted Tue August 30, 2022 02:38 PM
    Hi Levy,

    It has been a long time since this topic was discussed here.  But the questions still remain... ;-)
    All the components for quick search, outlier and threat analysis are already enabled in the customer's Guardium architecture.  But the customer wants to see an outlier event triggered.  They haven't seen any until now.  They've tried testing by sending some commands against the database, such as creating a new table and accessing it.  According to the customer, these activities had never been done before.  But no outlier event was triggered.  What is the best simulation/test that you can suggest running against the monitored database to trigger an outlier accurately?

    Regards,
    Rodrigo


    ------------------------------
    Rodrigo Xavier
    ------------------------------



  • 11.  RE: Outlier Detection

    Posted Mon May 17, 2021 01:06 PM
    Hi @ODED SOFER ,

    I have a problem with 'Analytic User Feedback'.

    I want to change some columns because the original report is insufficient for me.

    So I make a copy:

    And even without making any changes compared to the original.....

    ....I always have this error:




    Why? Can you help me please?

    paolo (italy)


    ------------------------------
    Paolo Guerra
    ------------------------------



  • 12.  RE: Outlier Detection

    Posted Tue May 18, 2021 04:58 AM
    Hi @Paulo Cesar Guerra Braga,
    There seems to be a bug in the metadata of that specific report.
    I am investigating it.
    Please open a support case and ask that it be escalated to me.



    ------------------------------
    GUY GALIL
    ------------------------------