Hello

I would like to know if it is possible to use in event rules the reference table where my users are imported from LDAP to be used in UBA. I want to create a rule that search if username in events matches with any of my user from my Active Directory, but when I try to add UBA LDAP (UBA_Default) users reference table in the rule condition, this reference table is not available. Is there any way to use this table or to search in events my Active Directory users imported?

Thanks in advanced

------------------------------
ACG
------------------------------

Hello)

Yes it is possible. I`m use this BB when create rules:

------------------------------
Vadim Novikov
SOC Engineer
IT-Specialist
Kiev
+380972970792
------------------------------

Original Message:
Sent: Fri September 13, 2019 06:43 AM
From: A CG
Subject: Use UBA LDAP reference table (UBA_Default) in event rules

Hello

I would like to know if it is possible to use in event rules the reference table where my users are imported from LDAP to be used in UBA. I want to create a rule that search if username in events matches with any of my user from my Active Directory, but when I try to add UBA LDAP (UBA_Default) users reference table in the rule condition, this reference table is not available. Is there any way to use this table or to search in events my Active Directory users imported?

Thanks in advanced

------------------------------
ACG
------------------------------

Hello Vadim

I've tried to use that type of rule, but when I'm going to select the "reference table key", UBA_Default is not available to select in the list. I can select others like "Anonymizer IPs Data --> PRIMARY_KEY" or "Botnets IPs Data --> PRIMARY_KEY". Why Can't I select UBA reference table?

Thanks in advanced

------------------------------
A CG
------------------------------

Original Message:
Sent: Fri September 13, 2019 07:29 AM
From: Vadim Novikov
Subject: Use UBA LDAP reference table (UBA_Default) in event rules

Hello)

Yes it is possible. I`m use this BB when create rules:

------------------------------
Vadim Novikov
SOC Engineer
IT-Specialist
Kiev
+380972970792

Original Message:
Sent: Fri September 13, 2019 06:43 AM
From: A CG
Subject: Use UBA LDAP reference table (UBA_Default) in event rules

Hello

I would like to know if it is possible to use in event rules the reference table where my users are imported from LDAP to be used in UBA. I want to create a rule that search if username in events matches with any of my user from my Active Directory, but when I try to add UBA LDAP (UBA_Default) users reference table in the rule condition, this reference table is not available. Is there any way to use this table or to search in events my Active Directory users imported?

Thanks in advanced

------------------------------
ACG
------------------------------

Hi!

Could you solve this problem? I have a similar one.

Greetings
Bruno

------------------------------
Bruno Oliveira
------------------------------

Original Message:
Sent: Tue September 17, 2019 04:23 AM
From: A CG
Subject: Use UBA LDAP reference table (UBA_Default) in event rules

Hello Vadim

I've tried to use that type of rule, but when I'm going to select the "reference table key", UBA_Default is not available to select in the list. I can select others like "Anonymizer IPs Data --> PRIMARY_KEY" or "Botnets IPs Data --> PRIMARY_KEY". Why Can't I select UBA reference table?

Thanks in advanced

------------------------------
A CG

Original Message:
Sent: Fri September 13, 2019 07:29 AM
From: Vadim Novikov
Subject: Use UBA LDAP reference table (UBA_Default) in event rules

Hello)

Yes it is possible. I`m use this BB when create rules:

------------------------------
Vadim Novikov
SOC Engineer
IT-Specialist
Kiev
+380972970792

Original Message:
Sent: Fri September 13, 2019 06:43 AM
From: A CG
Subject: Use UBA LDAP reference table (UBA_Default) in event rules

Hello

I would like to know if it is possible to use in event rules the reference table where my users are imported from LDAP to be used in UBA. I want to create a rule that search if username in events matches with any of my user from my Active Directory, but when I try to add UBA LDAP (UBA_Default) users reference table in the rule condition, this reference table is not available. Is there any way to use this table or to search in events my Active Directory users imported?

Thanks in advanced

------------------------------
ACG
------------------------------

But you should know that some data in this table is dynamical !

Be careful with rules.

------------------------------
Vadim Novikov
SOC Engineer
IT-Specialist
Kiev
+380972970792
------------------------------

Original Message:
Sent: Fri September 13, 2019 06:43 AM
From: A CG
Subject: Use UBA LDAP reference table (UBA_Default) in event rules

Hello

I would like to know if it is possible to use in event rules the reference table where my users are imported from LDAP to be used in UBA. I want to create a rule that search if username in events matches with any of my user from my Active Directory, but when I try to add UBA LDAP (UBA_Default) users reference table in the rule condition, this reference table is not available. Is there any way to use this table or to search in events my Active Directory users imported?

Thanks in advanced

------------------------------
ACG
------------------------------