User API Setting
Navigate to Inventory > User Api Setting to edit the user API settings of Threat Defender.
If the user API is enabled, Threat Defender automatically tracks users and maps their usernames to IP addresses.
These settings specify what user data Threat Defender tracks under Users and User Api Logs. The user API settings screen contains the following elements:
Field |
Description |
|---|---|
|
The slider switch indicates whether the user API is enabled or disabled. |
Note |
Optional: Add a short description of the API settings. |
Secret Key |
Enter the password for user API connections. Click Show Password if you want to display the password in plaintext. |
Do Not Log These Usernames |
To define logging exceptions, enter the usernames of users you do not want to log events for. You can enter multiple usernames separated by commas. |
Do Not Log These IP Addresses |
To define logging exceptions, enter the IP addresses you do not want to log user events for. You can enter multiple IP addresses separated by commas. |
Limit Access to These IP Addresses |
Create a whitelist of IP addresses you want to log user events for. If this field contains IP addresses, Threat Defender will only log events for the IP addresses in this list. Events generated by other IP addresses will not be logged. You can enter multiple IP addresses separated by commas. |
Auto-Expire Learned IP Addresses |
Specify after how many days Threat Defender will forget the learned user/IP address mappings. If you set this value to |
The buttons at the bottom of the screen allow you to store your changes (SAVE) or to discard them (CANCEL).