Managing OCI Targets
You can add targets to expand or change the scope of resources that Cloud Guard monitors, and you can change the rules Cloud Guard uses to do the monitoring.
A target defines scope of what Cloud Guard checks.. A target can consist of your entire OCI tenancy, or any combination of compartments below the top level.. Specify at least one target when you enable Cloud Guard. You can define more targets later.
Viewing Details for an OCI or Security Zone Target
See the scope of resources that Cloud Guard monitors, and the detector and responder recipes that are used in the monitoring.
You can view the details of a Security Zone target in Cloud Guard.You must create and modify Security Zone targets in the OCI Security Zones application.
What's Next
- To create a new target, see Creating an OCI Target.
- To make changes in an existing target, see Modifying an OCI Target.
- To delete a target, see Deleting an OCI Target.
Creating an OCI Target
A target defines the scope of resources that Cloud Guard monitors, and the detector and responder recipes to be used in the monitoring.
What's Next
- To modify a target, see Modifying an OCI Target.
- To modify settings for detector and responder recipes added to a target, first see Modifying Recipes at Recipe and Target Levels. Determine where to start to access the particular settings you want to change, then see the appropriate topic:
- To disable or delete a target, see Deleting an OCI Target.
Modifying an OCI Target
You can change the detector and responder recipes added to an OCI target.
Modifying Rule Settings in an OCI Target's Recipes
You can change the settings for individual rules in the detector and responder recipes attached to a target.
What's Next
To change settings for individual rules in detector or responder recipes, see:
- To modify detector recipe rules, see Modifying Detector Rule Settings in an OCI Target's Recipes.
- To modify responder recipe rules, see Modifying Responder Rule Settings in an OCI Target's Recipes.
Modifying Detector Rule Settings in an OCI Target's Recipes
Make tactical changes in detector rules from the Targets page.
In Security Zone targets, the security zone detector recipes have policies instead of rules, and the policies can't be modified.
In all other OCI targets, the only detector rule setting that you can change from the target level is the Conditional Group specification. To change other rule settings from the recipe level, see Modifying an OCI Detector Recipe.
For complete information on what you can modify in Oracle-managed and user-managed (cloned) detector and responder recipes, from the recipe or target level, see Modifying Recipes at Recipe and Target Levels.
Modifying Responder Rule Settings in an OCI Target's Recipes
Make tactical changes in responder rules from the Targets page.
Responder rules can be enabled or disabled only from the recipe level, and only in user-managed (cloned) responder recipes. See Modifying an OCI Responder Recipe. You can change all other responder rule settings from the target level.
For complete information on what you can modify in Oracle-managed and user-managed (cloned) detector and responder recipes, from the recipe or target level, see Modifying Recipes at Recipe and Target Levels.
Deleting an OCI Target
You can delete a target if you no longer need it.
You must delete a Security Zone target from the OCI Security Zones service. See Deleting a Security Zone.
When you delete a target, information for all problems associated with that target disappears from the Cloud Guard console and can no longer be accessed through the API. The information remains in the Cloud Guard database until it's purged at 180 days. For more information, see Problem Lifecycle, especially the "Problem Reconciliation Process" section.
- Open the navigation menu and click Identity & Security. Under Cloud Guard, select Targets.
- Look for targets where the Type column entry is OCI.
- On the Targets page, select the check box for each target you want to delete, then click Delete.
- In the Delete target(s) dialog box, select I understand, then click Delete target(s).