Home / Features / Security Analytics / AI Workflows

AI Workflows

AI (Advanced Intelligence) Workflows support simple ways to create new rules and more complicated rules. It is useful for user that is not familiar with python language. AI workflows also provide an easy view of the logic flow for non-technical person to understand the rules.

To create the workflows, user can just drag the symbols from the left bar to the center area to create the link with other symbols. By clicking on the symbol, user can bring up symbol properties and user can fill in the require name or label accordingly.

Screenshot

 

Above picture is one of the examples of simple workflows on windows logon event. Below picture is example for Query logs symbol properties. User to specify the query string in the example is event.code : 4725.

Screenshot

 

Below picture is an example for CreateThreat symbol properties. User to specify the Threat message accordingly.

Screenshot