Kron PAM Configuration for Threat Threshold Incident Response

log in to kron pam web gui navigate to the threat analytics menu open the severity configurations tab this section contains configurations related to the classification of detected threats according to their risk scores set risk severity threshold and auto action for severity levels log to log the detected anomalies kill all sessions to kill all sessions of the user kill session to kill the session in which the anomaly is detected lock user to lock the user locked users cannot log in to the system the error message your account is locked please contact your administrator is displayed on the login page locked accounts can be unlocked by clicking unlock user in actions menu send notification to send a notification mail to the recipient defined in "sc uba send detected anomalies mail recipient" parameter in system config manager suspend user to suspend the user for the time specified in the "user suspend formillis" parameter in system config manager detected threats are listed in the dashboard tab