- Get Started with Threat Detection Management
- Analytics Rules
- Analytics Rule Classifications
- Create an Analytics Rule
- Manage Analytics Rules
- Tune Analytics Rules
- Share Analytics Rules
- Troubleshoot Analytics Rules
- Analytics Rules Syntax
- Advanced Analytics Rule Syntax vs. Analytics Rule Syntax
- Logical Expressions in Analytics Rule Syntax
- String Operations Using Analytics Rule Syntax
- Integer Operations Using Analytics Rule Syntax
- Time Operations Using Analytics Rule Syntax
- Network Operations Using Analytics Rule Syntax
- Context Operations Using Analytics Rule Syntax
- Entity Operations Using Analytics Rule Syntax
- Correlation Rule Operations Using Analytics Rule Syntax
- Analytics Engine Status
- Correlation Rules
- Threat Scoring
Enable Analytics Rules
Enable analytics rules to activate them and allow them to trigger in your environment.
You can enable only a limited number of analytics rules. To review the maximum number of analytics rules you're allowed to enable, under the Threat Detection Management Analytics Rules tab, navigate to the Limit chart:
 |
Under Exabeam Rules, view the number of pre-built analytics rules enabled compared to the maximum your entitlement allows. Under Custom Rules, view the number of custom analytics rules enabled compared to the maximum your entitlement allows.
Select the analytics rules you're enabling:
To enable a single analytics rule, click the More menu
, right-click the analytics rule, or select the checkbox for an analytics rule.To select all analytics rules, click the checkbox in the header row.
To select specific analytics rules, click the checkbox for each analytics rule.
Select Enable.
The change is added to a batch of pending updates. You must now apply the change to your environment for the change to take effect.