Fortinet FortiDB manual Rule Chaining Setting Screen

Page 11


Rule Chaining	MS-SQL

Rule Chaining

The Rule Chaining module allows you to associate rules so that one, the source1 rule, can influence the execution of another, the target2 rule. Both rules are established with the same target database.

Rule Chaining Setting Screen

FortiDB MA offers two types of chained-rule pairs:

•Rule pairs in which there are no parameters passed. (In this case, you may use Guarded Items from Privilege Monitor (PM), Metadata monitor (MM), Content Monitor (CM), and User Behavior Monitor (UBM))

•Rule pairs in which there are parameters passed(In this case, you may use Guarded Items only from User Behavior Monitor (UBM))

You invoke Rule Chaining from the tree navigator on the left.

1.This is sometimes called the original rule.

2.This is sometimes called the chained rule.

FortiDB Version 3.2 Utilities	User Guide
15-32000-81369-20081219	9

Image 11

Contents Utilities User Guide Trademarks FortiDB Utilities User GuideTable of Contents Index FortiDB MA Utilities Selecting Addresses for Auto-Discovery Auto DiscoveryResults from Auto-Discovery Selecting Non-Standard Ports for Auto-DiscoveryDiscovered Database Information Populating Connection Form MS-SQLMS-SQL Connection Summary Button Connection Summary Output Connection SummaryRule Chaining Rule Chaining Setting ScreenRule Chaining Chaining with Parameterized User-Defined Rules General Pudr Steps Parameterized User-Defined Rule Flow DiagramValidating the Pudr before Saving Disabled Parameter CheckboxesExample of Chaining to a PL/SQL-based Pudr Item Setting for Session PolicyPolicy Settings for Suspicious Login Time Immediate Resulting Killed Session Table Columns That Could Appear in AlertsChained-Rule Alerts UBM Session Policy and Pudr DB Example Multiple Source-Rule-Violation BehaviorRule Chaining Alert Report Manager Setting a Report ScheduleSetting a Timer-based Schedule Deleting a Timer Schedule Deleting a Previously Set Timer ScheduleSetting a Calendar-based Schedule Setting a Timer-Based ScheduleSetting a Randomized Interval Setting a Combined ScheduleSetting a Randomized Interval Setting a Calendar-Based ScheduleARM Reporting by Time ARM Reporting by Time Calendar Pop-up Reporting by TimeEnabling Email Recipients Specifying Report ParametersNew Reports Menu New Report Setting Screen topNew Report Setting Screen bottom Using the Select Checkbox to Affect Multiple Reports Saved and Enabled ReportView Reports Dropdown List on Current Reports Screen Activating ARMRunning and Analyzing Reports Status Menu Status DialogSummary-Action Output Types Current Report ConfigurationReport Summary Action Choosing Summary Report ActionReport Size Archiving Reports Report Detailed ActionLimitation Custom Reports Using This FeatureCustom Reports SchedulingTime-only Schedule Settings Daily Schedule Settings Customer and Company Information Weekly Schedule SettingsMonthly Schedule Settings Custom Reports Main Report and Template Generation and ManagementCompany Information Dialog Adding a Report Adding ReportsModifying Reports Deleting a Report Deleting ReportsModifying a Report Modifying Report Templates Templates Manager Modifying a Template Generating ReportsReport Result Generated Html Report Example Report History Report HistoryProperty Purpose Possible Values Default Licensing and AdministrationUser Administration for Custom Reports and SOX Reports Reports radio button on the User Administration screenLimitations Property Purpose Possible Values Default1SOX Reports within Custom Reports Manager SOX Compliance ReportsReport Name Acronym General Setup InstructionsReports and Acronyms Common Report Header FieldsHPC Report Sample Cobit Objectives and Setup RequirementsHistory of Privilege Changes Report HPC Report Body ColumnsAUC Report Sample Abnormal or Unauthorized Changes to Data Report AUCAUS Report Sample Abnormal Use of Service Accounts Report AUSATD Report Sample Abnormal Termination of Database Activity Report ATDEPA Report Sample End of Period Adjustments Report EPASettings Dialog for the EPA Report Assumptions CaseVAS Report Sample Verification of Audit Settings Report VASReport Size Licensing and AdministrationArchiving Reports Verification of Audit Settings Report VAS Index