Creating rule sets

Overview

Rule sets group rules together and assign them to specific groups of endpoints. You can group rules into rule sets that address specific categories of sensitive information, or that monitor specific types of files.

For example, you might want to apply and monitor for specific rules on one group of endpoints, but not other groups. Or, you might want to apply a subset of the available rules to a group of endpoints.

You can view the number of rules that are assigned to each rule set, the computer groups that it targets, and whether there are any pending changes to any of the associated rules.

By default, each rule set has one rule assigned to it. The default rule cannot be edited, but you can delete it, or make a duplicate of the rule and customize it for your specific needs.

Create a rule set

  1. From the Reveal menu, click Rule sets. Click New rule set.
  2. Enter a name and description for the rule set.
  3. Select one or more rules to associate with the rule set. Click Add Rule and select the rules you want to associate with the rule set. Click Save.
  4. Add Computer Groups that you want the rule set to target. The rules that are associated with the rule set are applied to the endpoints in the computer groups you specify.
  5. Click Save.

Add rules to an existing rule set

  1. From the Reveal menu, click Rule sets.
  2. Click the title of the rule set to which you want to add one or more rules.
  3. Click Add Rule and select the rules you want to associate with the rule set. Click Save.

Delete a rule set

  1. From the Reveal menu, click Rule sets.
  2. Select the rule set that you want to delete.
  3. Click Action > Delete. Confirm that you want to delete the rule set.

Last updated: 12/3/2018 3:51 PM | Feedback