2.2 Utilities
OFSBD database utilities enable you to configure and perform pre-processing and post-processing activities. The following sections describe these utilities.
Batch Utilities
Behavior Detection database utilities enable you to configure and perform batch-related system pre-processing and post-processing activities.
- Alert Purge Utility: Provides the capability to remove erroneously generated matches, alerts, and activities.
- Batch Control Utility: Manages the start and termination of a batch process (from Data Management to alert post-processing) and enables access to the currently running batch.
- Calendar Manager Utility: Updates calendars in the system based on pre-defined business days, holidays, and days off, or non-business days.
- Data Retention Manager: Provides the capability to manage the processing of partitioned tables in Behavior Detection. This utility purges data from the system based on a configurable retention period defined in the database.
- Database Statistics Management: Manages statistics in the database.
- Flag Duplicate Alerts Utility: Enables you to run a script daily after the generation of alerts to identify pairs of alerts that are possible duplicates and add a system comment to each alert.
- Refreshing Temporary Tables: Refreshes temporary tables that the Behavior Detection process uses and estimates statistics for the newly populated tables.
- Truncate Manager: Truncates tables that require complete replacement of their data.
Administrative Utilities
Several Behavior Detection database utilities that configure and perform system pre-processing and post-processing activities are not tied to the batch process cycle:
- Data Analysis Tool: Assists a Data Miner or Data Analyst in determining how well a customer has populated the Production Data Model.
- Get Dataset Query with Thresholds Utility: Enables you to extract dataset SQL complete with substituted thresholds for analysis of the SQL outside of the Behavior Detection application.
- Scenario Migration Utility: Extracts scenarios, datasets, networks, and associated metadata from a database to flat files and loads them into another environment.
- Alert Correlation Rule Migration Utility: Enables you to move correlation rules and their audit trails from a source environment to a target environment.
- Investigation Management Configuration Migration Utility: Enables you to load data related to alerts into the OFSBD.
- Watch List Services: Enables you to query the BD watch lists to find a specific or a partial match.
- Alert Processing Web Services: Enables you to execute additional processing steps in an existing service operation.
- Password Manager Utility: Enables you to change a password for a specific user in a subsystem apart from Alert Viewer and administration tools.
- Oracle Sequences: Enables you to update and maintain the Oracle sequences used in OFSBD.