UEBA - User and Entity Behaviour Analytics
Welcome to the UEBA community space! Post a question about anything related to UEBA let it be baselines, use–cases or configuration.
Does anyone have some examples of the models that are used for the “Active Directory Authentication” data source? For example, does this depend on certain Event IDs being present in the logs, and if so how do they map to the models?
Hi Team,Going through our user manual, it states that the entities could be selected either using LDAP OU group as an enrichment source or a CSV as an enrichment source. What are some tried and true considerations that I can help my customer decide which enrichment source to choose?
Already have an account? Login
Login to the community
Already a Partner or Customer? Login with your LogPoint Support credentials. Don‘t have a LogPoint Support account? Ask your local LogPoint Representative. Only visiting? Login with LinkedIn to gain read–access.LOGIN AS PARTNER OR CUSTOMER Login with LinkedIn
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.