Overview of Steps
The chart below provides information about each of the steps included in the New-Scale Analytics configuration process:
| Step | Component for Setup | Description | 
|---|---|---|
| Context Management → Internal Domains table | Populate the Internal Domains context table with your organization's internal domains to prevent them from being monitored as external domains. | |
| Log Stream → Event Filtering tab | Define an event filter and route events to the New-Scale Analytics engine in order to process against baseline behavior and to detect anomalies. | |
| Log Stream → Event Filtering tab | Define an event filter and route events to Attack Surface Insights in order to merge common identities across entities. | |
| Context Management | Create the filtered context tables that are necessary to support certain enrichment rules in Log Stream. | |
| Threat Detection Management | Enable the analytics rules in Threat Detection Manager and begin training the New-Scale Analytics engine to process events against baseline behavior and to detect anomalies. | |
| Context Management → Network Zones table | Populate the Network Zones context table with a list of network zone CIDR ranges and associated names in your environment. | |
| Attack Surface Insights | Configure the Attack Surface Insights rules that are required to unlock pre-built, tag-specific use cases in your environment. |