Skip to main content

Knowledge Center

Overview

Knowledge Center (KwC) is part of the Core module and is designed to maintain a unified knowledge base. KwC allows not only viewing existing articles but also writing your own, as well as creating and storing various diagrams, rules, scenarios, or tags.

KwC includes the following components:

  • Overview — a page displaying statistical information
  • Rules — a list containing rules that allow detecting incidents and includes descriptions necessary for detection queries and links to additional information
  • Scenarios — scenarios contain a group of rules
  • Wikilogs — an informational-reference module for creating knowledge base articles
  • Diagrams — allows creating graphical diagrams for further use in the knowledge base articles
  • Data Sources — contains settings templates for various data sources
  • Search — search across all Knowledge Center components
  • Tags — a component for managing tags

Example interface for writing and adding a new article:

KwC not only allows adding various objects but also customizing access to them. Different users may have access to different content.

Additionally, the Knowledge Center provides the ability to search across all Search Anywhere Framework objects.