Admins
1. Create Users and User
...
Groups
-user information
-user group "user options."
2. Create Data Groups and assign users/user groups
-data group "user options."
3. Create data sources for the users (as necessary)
For users that may have difficulty using the Manage, or the Advanced Source Builder.
4. Facilitate MR jobs as necessary
-Criticality & Vulnerability
ISA Administration Task Flow
| Step | Command or Action | Best Practices/Time Frame |
|---|---|---|
| 1 | Create Users and user Groups:
| Consider creating user groups based on roles within your organization. For example, you may segment your cyber analysts into several tiers, or have different groupings for IT security engineers. You should account for the time that it will take to map ISA user groups to the roles within your organization. |
| 2 | Create Data Groups and assign users/user groups:
| Consider creating different data Groups that correspond to different data types. For example, ISA supports Logstash, RSS, Webpages, Datasift, Twitter etc. You should account for the time that it will take to map ISA data groups to the specific data types within your organization. |
| 3 | Create Data Sources, as required
| Additional map reduce jobs may be required for specific data types, and an IKANOW resource is provided for this. Account for th etime it will take to build custom MR jobs when planning for data source creation. |
Users/Analysts
1. Create a Data Source
Follow the intuitive wizard-based Manager to add data sources.
Configure:
Test:
Save/Publish:
2. Create a Project
Associate the previously created Users/user Groups, Data Groups, and Data Sources with the Project
Add Data:
Add Users:
Save:
3. Visualize and Collaborate
Search:
-visualize documents and records
-advanced search and filtering
Criticality and Vulnerability:
-threat response management
