Using the Global User Alert Plug-in software

This section provides a detailed description of the BMC Global User Alert Plug-in software. This is an optional set of files and executables added to the BMC Defender Server to provide special alerting of users, in direct support of user anomaly detection and certain security requirements.

The section provides information about the installation and use of the software, descriptions of the screens, and details about the features. 

The BMC Global User Alert Plug-in consists of a new screen that is added to the system, located in the Alerts > Users tab. This new screen provides special capabilities to apply a single threshold or match pattern across a range of users. Although this capability already exists in BMC Defender (within the existing Correlation and Alerts tabs) the Global User Alert Monitor can often simplify the alerting process, and create a more visible indication of the user-centric alerts that might be necessary to monitor system security. In particular, this screen might be useful in demonstrating to auditors that BMC Defender is configured to satisfy certain PCI-DSS and other security requirements.

This section is intended for BMC Defender users who operate the system, as well as system administrators responsible for installing the software components. This information should also be of interest to program developers and administrators who want to extend the range of the BMC Defender system's role within an enterprise to include special user management.

This section provides information about the following topics: 

• Background information
• Standard Threads and Alerts
• Global User Alerts: benefits and limitations
• Software operation of Global User Alert Plug-in software
• Global User Alert Monitor screen
• Global User Alert Editor screen
• Suggest Message button
• Creating Threads, Tickets, and Alerts of software operation of Global User Alert Plug-in software