Rules perform tests on events, flows, or offenses. If all the conditions of a test are met, the rule generates a response.
JSA includes rules that detect a wide range of activities, including excessive firewall denies, multiple failed login attempts, and potential botnet activity. For more information about rules, see the Juniper Secure Analytics Administration Guide.
A user with non-administrative access can create rules for areas of the network that they can access. You must have the appropriate role permissions to manage rules. For more information about user role permissions, see the Juniper Secure Analytics Administration Guide.