8.2. Configuring the NDR
8.2.1. Introduction
8.2.1.1. The `Assets and users tracking` and `Relationship tracking` functions
Alerts displayed in the
`Alerts`dashboard (for more information on the dashboard, see Web UI `Alerts`)Alerts displayed in the
`Assets`dashboard (for more information on the dashboard, see Web UI `Assets` screen)The users displayed in the
`Users`dashboard (for more information on the dashboard, see Web UI `Users` screen)
The `Assets and users tracking` and ` Relationship tracking` functions include:
Function |
Status |
Description |
See |
|---|---|---|---|
|
Activable |
Synchronization between the NDR web UI's |
See Procedure to enable the `Assets and users tracking` and `Relationship tracking` functions. |
|
Can disable |
The NDR |
See Procedure to disable the `Assets and users tracking` and `Relationship tracking` functions. |
|
Activable |
synchronization between the NDR |
See Procedure to enable the `Assets and users tracking` and `Relationship tracking` functions. |
|
Can disable |
The NDR |
See Procedure to disable the `Assets and users tracking` and `Relationship tracking` functions. |
The configuration interface is described in the Web UI `Assets` screen.
8.2.1.2. Elasticsearch retention period
8.2.2. Prerequisites
User : member of Administrator group
8.2.3. Preliminary operations
Login to GCenter via a browser (see Connecting to the GCenter web interface via a web browser)
8.2.4. Procedure to access the `Data Exports` window for an administrator account
In the navigation bar, successively click on:
The
`Administration`menu`Global settings export`command in the`System`categoryThe`Global settings`window is displayed.
8.2.5. Procedure to enable the `Assets and users tracking` and `Relationship tracking` functions
- Use the
`Assets and users tracking`selector (4) to enable tracking of active assets (`Assets`) and users (`users`).The functions visible by pressing the`Assets`and`users`buttons in the web UI are now accessible if the license enables it. - Use the
`Relationship tracking`selector (10) to enable tracking relations between active devices and view these relations.The functions visible by pressing the`Relations`button are now accessible if the license enables it. Click on the
`Save changes`button.
8.2.6. Procedure to disable the `Assets and users tracking` and `Relationship tracking` functions
- To disable the tracking of relations only, use the
`Relationships tracking`selector (4).The functions visible by pressing the`Relations`button are now inaccessible. - To disable all the functions of the
`Assets and users tracking`(10) and`Relationship tracking`(2), use the`Assets and users tracking`selector (1).The functions visible by pressing the`Assets`and`users`buttons in the web UI are now inaccessible. Click on the
`Save changes`button.
8.2.7. Procedure to configure the Elasticsearch retention time
In the navigation bar, successively click on:
The
`Administration`menu`Retention policy`command in the`Data`categoryThe`Retention policy`window is displayed.
Use the
`Elasticsearch max data retention (in Go)`(2).Use the
`Synchronize NDR boards with elasticsearch retention`selector (6) to enable synchronizing NDR dashboards with data in Elasticsearch.Click on the
`Save changes`button.