Unusual External Alarm
This is a catch all anomaly for any external alarm that is created by a third party system (e.g., IDS, IPS, DLP, NGFW). These anomalies are useful for increasing the users risk profile and add context to threats inside of UBA.
This content is not mapped to any local saved search. Add mapping