Create security tag rules

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:2分

    • Security tag rules automatically apply tags to security incidents when specified conditions are met to provide security incident filtering for security analysts.

    始める前に

    • Security tags added by rules are removed automatically when rule conditions no longer match.
    • Manual security tags are preserved when automatic tags are applied.
    • When multi-selection is disabled for a security tag group, only one tag from that group can be applied to a security incident. If a security analyst manually applies a tag and an automatic tagging rule subsequently triggers for a different tag within the same group, the automatic tag overrides the manual tag.
    • Role required: sn_si.admin

    手順

    1. Navigate to All > Security Operations > Security Tags > Tags.
    2. Choose or create a security tag.
    3. In the Security Tag Rules related tab, select New.
    4. Fill in the fields on the form, as appropriate.
      Field Description
      Name The name of the security tag rule.
      Security Tag The security tag to attach to the rule.
      Active Option to turn the security tag on or off.
      Description A description of this rule.
    5. Determine Record Filtering.
    6. Fill in the fields on the form, as appropriate.
      Field Description
      Use filter group Option to associate the filter group to the rule.
      Table The table to contain the rule.
      Condition Option to add one or more filter conditions.
    7. Select Submit