Rubrik User Access Analysis - Rubrik Polaris

This playbook fetches User Intelligence information for the provided username or email, and then increases the incident severity based on the user risk levels.

Rubrik Security Cloud · 12 tasks · 4 inputs · 0 outputs

Inputs

  • user_name — The name of the user to search for.
  • user_email — The email or the UPN of the user to search for.
  • search_time_period — Specify the search time period to look for user access.
  • risk_levels — The comma-separated list of risk levels. Supported values are: UNKNOWN_RISK, HIGH_RISK, MEDIUM_RISK, LOW_RISK, NO_RISK. Note: For any other values, whether the obtained result is filtered or not, is not confirmed.

Flowchart

yes Available Available Start Start Done Done Is Rubrik Polaris integration enabled? Is Rubrik Polaris integra... Collect the username, the email, and the risk level. Collect the username, the... Check whether user meta information is available or not. Check whether user meta i... Delete context for the previous user inputs. - DeleteContext Delete context for the pr... DeleteContext Rubrik Retrieve User Access Information - Rubrik Polaris - Rubrik Retrieve User Access Information - Rubrik Polaris Rubrik Retrieve User Acce... Rubrik Retrieve User Access I... Rubrik Retrieve User Access Information - Rubrik Polaris - Rubrik Retrieve User Access Information - Rubrik Polaris Rubrik Retrieve User Acce... Rubrik Retrieve User Access I... Check if any user risk levels are available for the provided filter. Check if any user risk le... Update incident severity as per user risk level. - RubrikSonarSetIncidentSeverityUsingUserRiskLevel Update incident severity ... RubrikSonarSetIncidentSeverit... Set the delete keys. - SetAndHandleEmpty Set the delete keys. SetAndHandleEmpty Delete context for the specified keys. - DeleteContext Delete context for the sp... DeleteContext