
Cloud SIEM Built-In Rules

A Cloud SIEM rule is logic that fires based on information in incoming records. When a rule fires, it creates a signal. There are several types of rules, each of which supports a different sort of firing behavior. While you can write your own rules, there are hundreds of rules that Cloud SIEM provides out-of-the-box. Before writing your own rule, look at the built-in rules to see if there's one that provides the behavior you need.

For the complete list of built-in rules, see Rules in the Cloud SIEM Content Catalog.


Copyright © 2024 by Sumo Logic, Inc.