Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This summary rule aggregates recent network session data using the ASIM normalized _Im_NetworkSession function. It creates 20-minute summaries grouped by rule name, network direction, and device action. This helps track which rules are generating traffic events and supports analysis of rule effectiveness and policy enforcement.
| Attribute | Value |
|---|---|
| Type | Summary Rule |
| Solution | Network Session Essentials |
| ID | a31660b8-b5a1-4b0e-9341-b9b132efa9a7 |
| Required Connectors | AWSS3, MicrosoftThreatProtection, SecurityEvents, WindowsSecurityEvents, WindowsForwardedEvents, Zscaler, MicrosoftSysmonForLinux, PaloAltoNetworks, AzureMonitor(VMInsights), AzureFirewall, AzureNSG, CiscoASA, CiscoAsaAma, Corelight, AIVectraStream, CheckPoint, Fortinet, CiscoMeraki |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
↑ Back to Summary Rules · Back to Network Session Essentials