USM Anywhere™

Creating Rules from Events

Role Availability Read-Only Analyst   Manager

USM Anywhere enables you to create and manage your own orchestration rules from the Events Any traffic or data exchange detected by AT&T Cybersecurity products through a sensor, or through external devices such as a firewall. details pages, which is the easiest way to configure an orchestration rule.

Warning: Orchestration rules only apply to future events and alarms. There is no longer an exception for suppression rules.

Suppression rules using the Contains, Match and Match, case insensitive operators apply to future events and alarms, not to events and alarms received in the current day.

You can create these rules: