The Acoustic Ideas portal has moved! Please sign up for our new Ideas portal and submit your suggestions at https://ideas.goacoustic.com.
For cyber detection we have various ways to detect a compromised username/account. Once we have this we can insert a row in the Tealeaf SQL table for a dimension "Compromised username". That way we can track if any of the compromised usernames had any suspicious activity, ex. potential exploit transactions. Currently these SQL inserts are only picked up by the canisters if A. the Canister services are restarted (=heavy Tealeaf user impact); or B. Event changes are saved in the Tealeaf Portal event manager screen. (=manual). Since we are dealing with cyber scenarios, we cannot wait (up to) 24 hours for Tealeaf canister services to get restarted overnight, and we also cannot keep making event changes just to force the Portal to send a fresh copy of the events and dimensions to the canisters. Instead, we want a way to dynamically trigger the canisters to get a fresh copy, on demand. We would like to be able to trigger from SQL or from a Windows batch file. Note: this is a follow up to ticket TS001946017.
How will this idea be used?
Per the above, this idea will be used for cyber detection: reporting on exploit activity on compromised usernames
|What is your industry?||Financial Markets|
|What is the idea priority?||High|
|Link to original RFE|