It is possible to create custom threats which will be included in nProtex reports by utilizing the BqlThreat. These threat types utilize a user-provided BQL query and can alert based off of basic logic such as greater than, less than. An example threat that could be created would be one that alerts if any super user is created that does't begin with "ALX_". BqlThreats automatically sync to subordinate stations and only need to be created on the WebSupervisor. This sync occurs automatically when a report is being generated.
Setup
To create a custom BqlThreat:
- Open the nProtex Palette
- Drag "BqlThreat" from the palette to your NProtexService/Report/Threats folder
- Set the appropriate name
- Provide a BQL query which returns an integer value (using COUNT, MIN, MAX, SUM, AVG)
The BQL queries must return a numeric value.
Example BqlThreats
User Count < 15: Detects if more than 15 users exist on the station.
BQL: station:|slot:/|bql:select COUNT(*) from baja:User
Comparison: Greater Than
Count: 15
Program Objects Installed: Detects if any programs are in use.
BQL: station:|slot:/|bql:select count(*) from program:Program
Comparison: Greater Than
Count: 0
FOXS Only Disabled: Detects if Foxs Only is enabled (N4 Only)
BQL: station:|slot:/|bql:select * from fox:FoxService where foxsOnly=false
Comparison: Greater Than
Count: 0
