Understanding Static List

Static lists are lists that do not depend on any condition in which companies determine their inventories such as Administrator Users, Branch Networks, NAC Servers etc. You can use these lists for exclude and include parameters when creating correlation rules.

55.png

Static list allows you to fill list by values you want matches. When Logsign Unified SecOps Platform detects your keys of the list in the logs, You can use this keys of the list for alert behaviour option.

 

Description: In terms of definition, you need to specify a name for the list.

Type: Static

Severity: You can decide with this severity selection how much important the list for you.

Context: You can tag the object, which enters this list, as Suspicious, Victim or Attacker for future events.

Tag: You can determine from this section which groups will have the authority to view the list that you are creating.

Match Type: You can select which type of data stores in the list, these types are.

Static Key: You can add any string value into your list.

Contains Any: You can add any partial string value into your list. 

IP – Network: You can add any IP or IP Range or Network Range information into your list. (IP Network Format Tips: 10.0.0.0/255.0.0.0 OR 10.0.0.0/24 OR 10.0.0.1 – 10.0.0.50)

Integer Range: You can add any Integer value into your list (Integer Format tips: 100 - 500)

 

Then your use the Save button to save your settings.

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

Become a Certified Logsign User/Administrator
Sign-up for Logsign Academy and take the courses to learn about Logsign USO Platform in detail. Enjoy the courses, and get your badges and certificates. In these courses, you'll learn how to use Logsign in your work and add value to your career.
Visit Our Blog
Our Logsign USO Platform illustrate our expertise. So do the blog. Through our blog posts, deepen your knowledge on various SecOps topics or get updated about important news & modern approaches for cybersecurity. Get into the habit of reading valuable information provided by Logsign. Be a step ahead.