Logging Analytics: Auto threat score enrichment and punch out to Threat Intelligence service IPs
- Services: Logging Analytics
- Release Date: April 20, 2023
Logging Analytics provides automatic threat intelligence enrichment for your logs, which can help identify public IP addresses that could have some level of threat associated with them. Learning about possible threats early can help you separate and mitigate them.
To enable the threat intelligence enrichment feature, see Use the Geolocation Field for Grouping Logs.
To learn about the new Oracle-defined lookup TIS Threat Feeds, which can be used in the log source definition to enrich logs, and to see examples of searching for threat actors, understanding threat patterns, and getting real-time alarms when threat actors are detected in the ingested logs, see Blog: Catch IP Address threats in your logs to analyze and mitigate them.