SIEM and TAG
SIEM and TAG rules are Log2Metric rules that tag log data whenever an event of interest occurs. Apica Ascent Log2Metrics is a powerful feature that helps you convert your log data into a real-time metric. Using Log2Metrics, you can visualize your log data, plot distributions, create a custom index, and create alerts for events.
This is useful for identifying interesting events in logs in real time. For example, you can track user login failures, load balancer or ingress status codes, and so on. See the section about for additional information.
Apica Ascent has hundreds of built-in SIEM rules, which can be accessed on the "Explore -> Pipeline -> Rules" tab.
Go to the pipeline where you want to apply the rule.
Click on Configure Pipeline from the pipeline’s action menu.
Hover over the + Add Rule button.
Select SIEM/TAG from the rule type dropdown.
A modal will open with a form organized into tabs.
In the Details tab:
Specify the rule name, description, and other required fields.
Click + Add More Parameters to define matching conditions.
Example: