Extend Operations Management Suite security with your own notable issues


Summary: Learn how to create your own notable issues to accommodate your specific business needs.

Operations Management Suite (OMS) Security and Audit solution highlights notable security issues. Administrators should be aware of and examine these issues. Some issues are common, such as standard configuration changes that can occur as part of the normal business cadence. Others are rare events that might indicate a malicious activity, such as detecting a security log deletion.

OMS Security and Audit solution has lots of built-in notable issues. While they are a good start, many organizations might like to extend and add their own notable issues that represent their specific logic or unique set of priorities.

You can turn any OMS search query into a Security and Audit notable issue by saving it to one of the three unique saved searches categories:

  • Security Critical Notable Issues
  • Security Warning Notable Issues
  • Security Info Notable Issues

After you save a query to a category, it appears in the notable issues area in the Security and Audit solution.

Here is a quick step-by-step guide:

  1. Start on the OMS search page. From this page, you can also examine the preconfigured notable issues.

Screenshot of the OMS search page.

  1. After you define the query, save it to one of the notable issues categories:

Screenshot of the OMS search page and the option to save a search to a notable issues category.

  1. From now on, the new query will appear in the notable issues list:

Screenshot of a saved query that appears in the notable issues list.

  1. If you want to delete this query later, just go to the search start screen and delete it from the list:

Screenshot of the search start screen where an issue in the Security Critical Notable Issues category is highlighted so that you can delete it.

Note that you can’t delete or edit the preconfigured notable issues.

 

Comments (2)

  1. Lars says:

    good stuff – how do you do this in generic way i.e. whats the Query syntax. Couldn’t find it in the syntax documentation.

Skip to main content