Turn a log entry into a new Rule

Create a new rule from an existing log

Creating a new Anomaly or remediation rule has never been easier with the Log to Rule feature. You can now use an existing log as the template for a new rule.

Step 1: Select an existing log entry

To get started, select a log and choose from "Create Remediation" or "Create Anomaly" buttons.

Step 2: Select the parameters to use

From here, a panel will open allowing you to narrow down the parts of the log you wish to use as your template.

You can select from various parameters that exist on the chosen log. These will be carried over to a new rule. To use these settings. Select the "Create Rule" button.

Step 3: Finalize the rule

The dashboard will take you to the Create Rule screen, pre-populated with the details from the chosen log. Here you can finish setting up your rule and add any additional filters.

Once finished, make sure to toggle the "Active" switch and save the new rule. You can view and edit this in the future by visiting the Rules section of the dashboard.