Learn how to create a new user activity rule to monitor
user and administrator activity.
User activity rules enable
. You can track user activities that
compromise your organization. You can create a rule that sends email
alerts or creates an activity monitoring
log entry when a user downloads a large number of reports,
or when a user tries to access a SaaS application from a malicious
IP address. There are numerous other examples that
warrant activity monitoring.
Add a new rule.
User Activity Rules
Define the basic settings.
) Enter a
rule ranging from 1 to 5, with 5 representing the highest risk type
Items to Detect
Select one of the following:
—Applies the policy
rule to users.
—Applies the policy rule to
assets such as files or folders.
the rule. Enter the users or assets you want to exclude from the
rule. For example, you might want to exclude SaaS Security API administrators
from user activity monitoring.