- Download PDFs
-
Configuring Actions in the Database
- Related Topics
- Overview of the Threat Mitigation Application
- For information about configuring actions, see the SRC-PE Services and Policies Guide
- Configuring a Database to Store Attack and Response Data
- ACTION Attributes Used by the Threat Mitigation Application
- Configuring Candidate Actions in the Database
Configuring Actions in the Database
The ACTION table contains data about services to activate in response to an attack. The administrator must add one ACTION table entry for each SRC service that is used as an action in the Threat Mitigation Application.
The entry in the /opt/UMC/conf/thma/etc/<database>/data.sql file contains the attributes in the format:
- INSERT INTO ACTION
- VALUES ('<serviceName>', '<name>', '<description>');
For example:
- INSERT INTO ACTION
- VALUES ('BlockAttacker', 'Block Attacker', 'This action
blocks all traffic to and from the attacker.');