About OCI Detector Recipes

Cloud Guard detectors follow rules, combined into recipes, to identify problems. Except where noted, this applies to all types of detector recipes.

A detector is a Cloud Guard component that identifies potential security problems, based on resource configuration or activity. Each detector uses a detector recipe that defines what the detector should identify as a problem.

Each detector recipe consists of a set of detector rules, that provide a specific definition of a class of resources, with specific actions or configurations, that cause a detector to report a problem.

Cloud Guard provides several sets of detectors with default rules. You can:

• Use these detectors as is.
• Clone any of the default detectors and modify the rules to meet specific needs.
• Enable and disable detectors rules individually.
• Limit the scope for applying individual rules by specifying conditions that must be met.

Cloud Guard supports two types of detector recipes:

• Oracle-managed recipes are provided by Oracle and you can only modify a few settings in the recipe rules.
• User-managed recipes must be created, usually by cloning an Oracle-managed recipe. You can modify more settings in user-managed recipes rules.

For more information on what you can modify in recipes that are Oracle-managed or user-managed, and whether you are making changes from the recipe level or the target level, see Modifying Recipes at Recipe and Target Levels,