Deploy New Detections

With Anvilogic you can download and deploy hundreds of SQL-based detections in a matter of minutes.

Last updated 1 year ago


Deploy New Detections

Remember: recommended detections that will raise your Maturity Score are shown on the homepage. Download those first.

  • Homepage -> Use Cases -> View Recommended Detections

  • Select one of the recommended use cases

    • Adding the use case to your workspace creates your own private branch of it, which can be fully version controlled and deployed to your Snowflake environment

Create a Task? You also have the option to create a task for this use case while adding it. Tasks can be assigned to other members of your team.

    • Once added, a new rule ID is created for your private copy and the use case can be modified

Edit a Use Case

Once you have added the use case to your workspace, you can EDIT or CLONE it. You are free to edit the detection logic or the tags.

Test and Deploy

Once you have added the use case to your workspace, you can TEST and/or DEPLOY it.

  • Test - runs the job once on the connected Snowflake instance, looking back over the last 60 minutes. Use it to gauge how many events the detection would return before you deploy; a 60-minute window only approximates the volume a detection scheduled on a longer interval will produce.

  • Deploy - creates a scheduled task in your connected Snowflake database that runs the detection on the schedule you choose.
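To make concrete what Test and Deploy do on the Snowflake side, here is an added example that is not code from this page or from Anvilogic: a failed-logon detection written as a Snowflake query with the same 60-minute look-back that Test uses, followed by the kind of scheduled task that Deploy creates for it. The database, table, column and warehouse names, the threshold and the rule ID are all assumptions made for the illustration; Anvilogic generates its own task definitions, which may differ.

```sql
-- Added illustration, not Anvilogic-generated code. All object names, the
-- threshold and the rule ID below are assumed for the example.

-- The detection logic: bursts of Windows failed logons (event 4625) per host.
-- TEST runs it once with a fixed 60-minute look-back to size the result volume.
SELECT
    host,
    COUNT(*)        AS failed_logons,
    MIN(event_time) AS first_seen,
    MAX(event_time) AS last_seen
FROM SECURITY.LOGS.WINDOWS_EVENTS              -- assumed table
WHERE event_id = 4625
  AND event_time >= DATEADD(MINUTE, -60, CURRENT_TIMESTAMP())
GROUP BY host
HAVING COUNT(*) >= 20;                         -- assumed threshold

-- DEPLOY creates a scheduled task in the connected database that reruns the
-- same logic on the chosen schedule and writes hits to an alerts table.
CREATE OR REPLACE TASK SECURITY.DETECTIONS.T_FAILED_LOGON_BURST
    WAREHOUSE = DETECTION_WH                   -- assumed warehouse; the task's compute is billed here
    SCHEDULE  = '60 MINUTE'                    -- the interval chosen at deploy time
AS
INSERT INTO SECURITY.DETECTIONS.ALERTS
    (rule_id, host, failed_logons, first_seen, last_seen, detected_at)
SELECT
    'RULE-ASSUMED-0001',                       -- placeholder; the platform issues the real rule ID
    host,
    COUNT(*),
    MIN(event_time),
    MAX(event_time),
    CURRENT_TIMESTAMP()
FROM SECURITY.LOGS.WINDOWS_EVENTS
WHERE event_id = 4625
  AND event_time >= DATEADD(MINUTE, -60, CURRENT_TIMESTAMP())
GROUP BY host
HAVING COUNT(*) >= 20;

-- Snowflake creates tasks suspended; resume to start the schedule, then
-- check the run history to confirm the detection is executing without errors.
ALTER TASK SECURITY.DETECTIONS.T_FAILED_LOGON_BURST RESUME;

SELECT name, state, scheduled_time, completed_time, error_message
FROM TABLE(INFORMATION_SCHEMA.TASK_HISTORY(TASK_NAME => 'T_FAILED_LOGON_BURST'))
ORDER BY scheduled_time DESC
LIMIT 5;
```

Two points worth checking when you deploy: the look-back window and the schedule interval are independent, so a 60-minute look-back on a schedule longer than 60 minutes leaves gaps in coverage, while a look-back longer than the interval produces overlapping windows and possible duplicate alerts; and the task runs with the privileges of its owning role, so that role needs only SELECT on the source table and INSERT on the alerts table, nothing broader.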

The buttons used in this workflow, in order:

  • Click +WORKSPACE

  • Click ADD to save the private copy

  • Click EDIT