Understand the Basics of Advanced Analytics
This section provides information about the components of Advanced Analytics, and how they work together. Some aspects of the components vary depending on which version of Advanced Analytics you are using. These differences are noted throughout the guide as follows:
- i63 and later – This designation applies to the latest SaaS version of Advanced Analytics. In this version:
  - The Log Ingestion and Messaging Engine (LIME) has been replaced by a unified ingestion pipeline (UIP) that centralizes log ingestion activities for all Exabeam products. Visibility into the unified ingestion pipeline is provided in the cloud-native Log Stream functionality.
  - Log parsing, field compliance, and event building are all based on a hierarchical common information model that informs the data structure for all Exabeam products.
  - Search and presentation functionality that used to be performed in Data Lake is now available in cloud-native Search and Dashboard applications.
- i60 to i62 – This designation applies to the legacy SaaS version of Advanced Analytics. In this version:
  - LIME continues to handle log ingestion functionality.
  - The information model in use is specific to Advanced Analytics only.
  - Data Lake still provides log management, search, and presentation functionality.