USM Anywhere enables you to create and manage your own orchestration rules from the EventsAny traffic or data exchange detected by AT&T Cybersecurity products through a sensor, or through external devices such as a firewall. details pages, which is the easiest way to configure an orchestration rule.
You can create these rules:
- Suppression Rule: See Creating Suppression Rules from the Events Page and Suppression Rules from the Orchestration Rules Page for more information.
- Filtering Rule: See Creating Filtering Rules from the Events Page and Filtering Rules from the Orchestration Rules Page for more information.
- AlarmAlarms provide notification of an event or sequence of events that require attention or investigation. Rule: See Creating Alarm Rules from the Events Page and Correlation Rules for more information.
- Notification Rule: See Creating Notification Rules from the Events Page and Correlation Rules for more information.
Important: The Create Filtering Rule option is not visible if the Agent has sent the event.