Skip to main content

Responses are generated using AI and may contain mistakes.

Threat Detection ManagementThreat Detection Management Guide

Export Analytics Rules

Export analytics rules to use as a starting point to create your own analytics rule or to share with team members and other stakeholders.

You can only export custom analytics rules. You can't export pre-built analytics rules.

You can export a single analytics rule or multiple analytics rules at once.

Export an Analytics Rule

  1. On the Analytics Rules tab, click the More menu The more options menu; three vertical dark grey dots on an off-white background. for an entity, or right-click the entity.

  2. Select Export. The analytics rule is downloaded to your file system in a JSON format. You can now import the analytics rule to another environment.

Export Multiple Analytics Rules

  1. On the Analytics Rules tab, determine which analytics rules you're exporting:

    • To select all analytics rules, click the checkbox in the header row.

      All listed analytics rule selected.

    • To select specific analytics rules, click the checkbox for each analytics rule.

      Three analytics rules selected.

  2. Click Export analytics rules A partial rounded blue square from which emerges an arrow curving upwards and to the right, both of which are set inside a blue square..

  3. Edit the file name for the exported rules. By default, the name is Exabeam_analytics_rules--<current year>-<current month>-<current day>T<current UTC time>Z

  4. Select which rules you're exporting:

    • Selected – Export the rules whose checkboxes you selected.

    • All Custom Rules – Export all existing custom analytics rules.

  5. Click Export Rules. The selected correlation rules are exported to a JSON file and downloaded to your file system. You can now import the correlation rules into another environment.