If you enable the function, script behaviors found on the StellarProtect agent-device will be added to its baseline and displayed on the page. See the following table for more information about the Approved Script Behaviors page.
|
Item |
Description |
|---|---|
|
Baseline Toggle |
Allows you to determine if you want to include specific approved
script behaviors in the baseline. If you turn the toggle off,
the
target
script behaviors will be viewed as unexpected
changes; alerts or preventative actions will be triggered
depending on the selected Operations Behavior Anomaly
Detection mode:
|
|
Monitored Process / Script |
Displays the monitored operation process containing certain
applications and acompanied parameters. By default, StellarProtect monitored 5 applications as
listed below. You can also specify other commonly-abused
applications in the .
See Policy-based Watchlist for more details. |
|
Approved Operation |
Displays the approved operations stored in the baseline. The approved operations can be viewed as the full execution process for triggering the monitored process mentioned above. See Operations Behavior Anomaly Detection for more details. |
|
Added From |
Displays the sources the approved script behaviors are added from:
|
|
Time Added |
Displays the time when the approved script behaviors were added to the baseline. |
TXOne Networks recommends switching back to Operations Behavior Anomaly Detection Learn mode before adding new script behaviors or modifying existing ones.