Website Blog Login

Onum Docs
Use Cases
Videos
Release Notes

Welcome
Getting Started
THE WORKSPACE
YOUR VAULT
ADMINISTRATION
- Tenant Menu
- Global Settings
MARKETPLACE
- Onum Marketplace
  - Pulling Pipelines
    Netskope Events Alert
    OKTA System Log API
    Sophos Connector SIEM

Powered by GitBook

On this page

Overview
Examples

Was this helpful?

THE WORKSPACE

Pipelines

Building a Pipeline

AI Assistant

AI Action Assistant

Just ask, and the assistant helps you

PreviousAI Pipeline Assistant NextListeners

Last updated 2 months ago

Was this helpful?

Note that this feature is only available for certain Tenants. Contact us if you need to use it and don't see it in your Tenant.

Overview

To start using it, open the Action configuration and just click this icon at the bottom left corner:

The Action Assistant is only available for a specific set of Actions, but it will soon be expanded to cover more. These are the Actions where you can currently use it:

Examples

Here are some example use cases where we ask for help from the Action Assistant. Check the prompts we use and the resulting configuration in each example picture.

Conditional

In this example, we request a condition for each of the most common Windows event IDs:

In this case, we request conditions for each of the most common FortiGate log IDs:

Here, we are filtering events with Success status only:

Group By

In this example, we need to identify each unique IP address for every 10 minutes:

In this case, we need all the unique app name values every 5 seconds, grouped by source ports and IP addresses:

Math Expression

In this case, we ask the assistant to transform a series of amounts from bytes to megabytes:

Here we are transforming our epoch dates in milliseconds into seconds:

In this example, we want to calculate the time difference between a series of from and to dates:

Message Builder

In this example, we ask for the most relevant fields but in key-value format:

Here we are requesting the most relevant fields as a message in JSON format:

In this case, we want to order all our fields in alphabetical order:

Here we want to filter only string-type fields:

Unique

In this example, we want to identify the unique message IDs and codify them in 8 bits.

The Action Assistant is an AI-powered chat feature designed to help users configure their within a . Any configuration requested through the chat will be automatically applied. This is especially useful for requesting specific use cases, as the AI will automatically apply the necessary fields and settings to achieve the desired result.

Field Transformation

Math Expression

Message Builder