
Event Selection Release Notes

Event Selection Features Introduced in 2022

December 2022

Feature: Vendor and Product Visibility

Description:

Event Selection now includes vendor and product source information for each event selection statement. This information provides a familiar frame of reference for understanding the source of the activity types contained in each event selection statement. It lets you verify that you are seeing the parsed traffic you expect and, if you are not, makes you aware of it so that you can modify the relevant statements.

On the Event Selection home page, the vendor and product information is displayed in a new Event Source column. This column shows which vendors and products have provided activity type information specified in a given event selection statement in the last 60 days. The vendor and product information is updated on a rolling basis.

You can see the same vendor and product information when you create a new event selection statement. As you select a subject and activity types for the new statement, the corresponding vendor and product source information is displayed in a panel on the right. This panel shows which vendors and products have provided information about the selected subject or subject and activity type combination in the last 60 days.

For more information, see the Event Selection Guide.

November 2022

Feature: Improvements

Description:

The November 2022 release consists of bug fixes and general UI improvements.

October 2022

Feature: Introducing Event Selection

Description:

The Event Selection app is now available on the Exabeam Security Operations Platform.

Event Selection enables you to selectively determine which events are passed to Advanced Analytics. No data will flow to Advanced Analytics unless it has been configured in Event Selection.

With Event Selection, you can view, add, change, delete, and save event selection logic. The logic selects events using matching and comparison operations on parsed Common Information Model (CIM 2.0) fields, so that only necessary events are passed to Advanced Analytics. You can search for, edit, and save a list of filter rules and then put those filters into effect.

You can view a history of changes made to the selection logic, including who made the changes and what changes were made, which provides a security audit trail of activity.

For more information, see the Event Selection Guide.