2 About the Administration Tools

Administration Tools are used to configure alert and case generation.

The application provides the following tools to configure the alert generation process:
  • Scenario Threshold Editor: This tool is used for modifying the threshold values that patterns use to detect matches.
  • Alert Creator Editor: Using this tool, you can automatically group matches that share similar information into a single alert. You can create new rules, modify the logic behind existing rules, and delete rules. The tool also displays the job ID and job template ID for all rules created.
  • Alert Scoring Editor: This tool is used for creating new rules or modifying the logic behind existing rules that prioritize alerts automatically.
  • Alert Assigner Editor: This tool is used for assigning ownership of alerts.
  • Threshold Analyzer: This tool is used to reduce the number of false positive alerts by analyzing and categorizing past alerts to identify correlations between alert attributes and alert quality.

This topic details the following actions:

Logging in to the Administration Tools

Access to Administration Tools depends on the type of user role assigned by the application administrator. The following rules apply:

  • Users assigned to the Data miner role can access the following:
    • Scenario Threshold Editor
  • Users assigned to the Administrator role can access the following:
    • User Administration
    • Security Attribute
    • Administration
    • Alert Creator Editor
    • Alert Scoring Editor
    • Alert Assigner Editor

Refer to the Administration Guide for more information about how to install the tools. Contact your system administrator for the URL to access the Administration Tools.