discovery-engine icon indicating copy to clipboard operation
discovery-engine copied to clipboard

Published 20 hours ago verified publisher icon accuknox

Support discovering system policy according to the drop reason

Open seungsoo-lee opened this issue 4 years ago • 0 comments

Basically, knoxAutoPolicy discovers the system policy based on the system log/alert.

Also, we need to support the functionality that can discover the system policy from the dropped system log as well.

There can be some types of drop reasons.

  • there is no matched policy.

  • there is a deny policy.

  • [ ] We should provide a configuration that how much cover the dropped system log: no matched only / all dropped logs

seungsoo-lee avatar Jul 27 '21 04:07 seungsoo-lee