Administration
In this section, we will introduce the following concepts:
📄️ Cloud SIEM Enterprise Feature Update (2022)
This topic describes what customers can expect from the February 2022 Cloud SIEM Enterprise (CSE) feature update.
📄️ Create and Use Network Blocks
This topic describes Network Blocks and their purpose, and provides instructions for setting them up and using them.
📄️ Create a Custom Tag Schema
This topic has instructions for creating a custom tag schema in CSE.
📄️ Create a Custom Threat Intel Source
This topic has information about setting up a *custom threat intel
📄️ Create CSE Actions
This topic has instructions for configuring CSE Actions
📄️ Create CSE Context Actions
This topic has information about CSE Context Actions and how to create them.
📄️ CSE APIs
This page has information about accessing the CSE APIs and API documentation. The process depends on your CSE environment.
📄️ CSE Audit Logging
The Audit Event Index provides event logs in JSON format on your account activity so you to monitor and audit changes. By default the Audit Event Index is enabled for CSE and Enterprise accounts.
📄️ CSE User Accounts and Roles
This topic has information about creating and managing user accounts and roles for CSE. CSE uses role-based access control (RBAC). An administrator controls access to capabilities by assigning capabilities or permissions to roles, and then assigning users to roles.
📄️ Manage Custom Insight Resolutions
This topic has information about custom Insight resolutions and how to create and manage them.
📄️ Manage Custom Insight Statuses
This page has information about creating and managing custom Insight statuses.