Juniper Secure Analytics Apps
JSA comes with two preinstalled apps that help you to manage your apps and content inventory, and the security of app authorization tokens.
The following apps are preinstalled in JSA:
Dashboard widgets that show recommended content, JSA help pages, Twitter feeds, and content update status.
App Authorization Manager
Manage app authorization tokens.
JSA Assistant App
Use the JSA Assistant app dashboard to manage your app and content extension inventory, show app and content extension recommendations, provide a JSA Twitter feed, and provide links to useful information.
The JSA Assistant app consists of the following preinstalled dashboard widgets:
View your recommended content, which is filtered by the types of apps and the features that you configure in your profile and from log sources that are discovered by the app. You can change your preferences at any time or view all JSA extensions.
A JSA extension can be an app or a content extension that you download from the App Exchange. Use content extensions to update JSA security template information or to add new content such as rules, reports, searches, logos, reference sets, and custom properties. App extensions add functionality such as dashboards, custom columns, and new pages to the JSA user interface.
JSA Help Center
View information and videos about JSA on the JSA Help Center dashboard widget. You can view video tutorials, listen to Open Mics, participate in forums, read JSA documentation and newsletters, and use the links to find the JSA resources that you need to manage your JSA deployment.
Content with updates available
View updates when an installed app or content extension is updated on the App Exchange.
Configuring the JSA Assistant App
Configure access settings and app preferences for the Assistant app. You configure app preferences so that the Assistant app presents the most suitable content.
- Click the Dashboard tab.
- To configure access settings and app preferences, complete
the following steps:
Click the profile icon on the Recommended Content widget.
You can also configure these settings on the JSA Admin tab by clicking Apps > JSA Assistant, then click the SOC Assistant Settings icon.
Click the Manage Authorized Services link to open Authorized Services page where you create an authentication token, and then paste the token into the SEC Token field.
Optional: To add a proxy for internet access, enter the proxy details.
Click How to obtain an API Key and Password and follow the instructions.
Configure your App Preferences and then click the arrow at the bottom of the screen.
Select Application to view apps only in the types of apps list. To view extensions that relate to specific content such as custom rules, or reports then select that type to view all the related extensions.
Select a specific feature, such as Malware, or Identity and Access Management in the security features list to refine your search.
Enter tags such as "database" in the custom tags text box to refine your search.
The Assistant App identifies log sources that are used by JSA and shows suitable apps or content packs in the Recommended Content widget.
Click Done on the Setup Complete! page.
Enhancing Security in App Authorization by Using the App Authorization Manager
When you install an app that requests an OAuth authorization token to access JSA resources, an OAuth authorization token is created and a record that represents the token is added to the App Authorization Manager. The record is identified by the App Name and App ID and includes the user access level that is assigned to the app to access JSA resources.
- On the navigation menu (), click Admin to open the admin tab.
- Click Apps > App Authorization Manager to open the app.
- To change assigned users for the OAuth authorization token,
click Edit, and then select any users that are available
in the list.
For example, if you don't want to use the Admin user and another user is available in the list, you can change to a user with the requested capabilities that are defined in the app manifest file. Any users that appear in the list have the capability that the app requires to run.
- To delete an OAuth authorization token, click Delete to remove a record. You might want to delete a token that is no longer in use or you might want to remove the app authorization.