Configuring Lookups
Click here to see this page in full context


Configuring Lookups

Overview

Lookups is basically an 'array' of sorts which can be used when defining rules. When you create a lookup, you can use the object in multiple rules without having to repeat the list in every rule.

On the Context XDR UI, navigate to Configuration > Lookups. The Lookups page displays a list of already configured objects. For each object, the page displays the number of rules using the object and the number of values in each object. The page also displays the actual values defined in each object.

Configure a New Lookup

On the Lookups page, click New Lookups and Select Static or Dynamic type to configure the lookup.

Click on each type for more detailed instructions for configuration.

StaticStatic

Follow these steps to configure a lookup by Static type:     

1. On the New Lookups drop-down menu, select Static.

2. Next, enter a Name and Description for this object.

   

3. Next, define the type for this object. You can create an object of either String type or Long type.


4. Next, define the lookup values either manually, or by importing the list via an external file.

NOTE: If you are creating a lookup for a Long type, you can also choose to enter a range of values instead of the full list.

a. For manually entering the list, separate each list value by a comma.

b. To import a list, first define the separator used in the file and then drop the file or browse to the file to upload it.

5. Finally, click Save to create this lookup.

This lookup is now visible on the Lookups page and can be used when defining conditions in Rules.

DynamicDynamic

Dynamic type allows you to configure multiple rules that can add or remove items from the lookup.

Follow these steps to configure a lookup by Dynamic type:

1. On the New Lookups drop-down menu, select Dynamic.

2. Next, enter a Name and Description for this lookup, then click Save.

    

    The lookup is now created and can be viewed on the Lookups page. You can use this lookup when defining conditions in Rules.

3. On the Lookups page, you can use Quick Actions drop-down menu to:

  Edit: Click to modify the existing details.

  View Details: Displays the Basic information, Associated rules, Dynamic lookup rules and Values details. show moreshow more

    - Basic Information: Displays the general details of a looup such as Created On, Created By, Last Updated etc.

     

    - Associated Rules: Displays the list of rules associated with the lookup.

      

    - Dynamic Lookup Rules: Displays the list of rules which you can add/remove lookup values using a rule. You can click Add rule to create a DSO rule. You can also use quick          actions for each rule to view details, edit, deactivate, and delete rule.      

      

    - Values: Displays the list of values that are added by the corresponing rule. This page displays the details such as Values, Created on, Rule name, and Time to live.

 

  Manage Rules: Displays the configured dynamic special object rules. You can also add a new rule for the dynamic special object.