In addition to the many AlienApps offered by USM Anywhere, AT&T Cybersecurity offers you the option of configuring an advanced AlienApp custom to your resources and the way you use them. With custom AlienApps, you can better monitor activity in your environment according to your needs. Your custom AlienApp enables you to collect and analyze log data from any third-party applications your environment relies upon and gives you ultimate granularity to configure precisely how USM Anywhere should view and process your data.
You can also create a custom log parser, designed to parse logs from any application that uses Amazon Simple Storage Service (S3) or syslog authentication and for which USM Anywhere does not already provide an AlienApp.
Like regular advanced AlienApps, your custom AlienApp or log collector can enable you to do the following:
- Log collection
- Orchestration In USM Anywhere, you can create orchestration rules to filter events, suppress events, create alarms, send notifications, or execute response actions.
- Notification Communication of an important event, typically through an email message or other desktop display. In USM Appliance, notifications are typically triggered by events, policies, and correlation directives, and in USM Anywhere, they are typically triggered by notification rules or directly from alarms.
- Response A mechanism provided through AlienApps to execute actions in third-party applications based on risks identified in USM Anywhere.
Edition: The ability to create a custom AlienApp or log collector is available in the Standard and Premium editions of USM Anywhere. See the Affordable pricing to fit every budget page for more information about the features and support provided by each of the USM Anywhere editions.