Extend a Nightfall Detector

You can customize a Nightfall detector to meet your organization's requirements. Once you customize a Nightfall detector, it is considered to be a custom detector. The Nigytfall detector that you used and customized, continues to exist as is.

Nightfall provides you with two customization options. Context rules and Exclusion rules. You must use at least one of these two rules to customize a Nightfall detector. The procedure to use Context rules and Exclusion rules is the same as in the case of Regular Expression Detector. You can learn how to configure Context rules and Exclusion rules from theUnderstanding Context Rules and Exclusion Rules document.

To extend a Nightfall Detector:

  1. Navigate to the Detectors section from the left pane.

  2. Click + Custom Detector and select Extend a Nightfall detector.

  1. Select the Nightfall detector that you wish to customize.

  2. Enter a name for the customized detector in the Name field.

  3. (Optional) Enter a description for the detector in the Description field.

  4. Click Next.

  1. Click + Add Context Rule to configure the context rule.

  2. Click Save to save the rule.

  3. Click Next.

  4. Click + Add Token Rule to configure token rules.

  5. Click Save to save the rule.

  6. Click Next.

It is mandatory to either define the Context rule or the Token rule.

  1. Review the configurations and click Add.

PreviousCreate Regular Expression DetectorNextCreating Detection Rules

Last updated