Adding a dictionary

You can add dictionaries and use the elements saved in them as variable values in SQL queries for Network Anomaly Detection rules.

To add a dictionary:

1. Connect to the Kaspersky Industrial CyberSecurity for Networks Server through the web interface using an Administrator or Security Officer account.
2. Select Settings → Dictionaries.
3. Open the details by clicking Add dictionary.
4. Enter the dictionary name and description.
5. Select the dictionary type and define its items.

   You can select the following types of dictionaries:

   • Dates, for storing dates. Corresponds to the "date" data type in the SQL query.
   • IP addresses, for storing IP addresses. Corresponds to the "ip" data type in the SQL query.
   • Ports, for storing port numbers. Corresponds to the "port" data type in the SQL query.
   • Text, for storing string values. Corresponds to the "string" data type in the SQL query.
   • Time, for storing time ranges. Corresponds to the "time" data type in the SQL query.
   • Days of the week, for storing the days of the week. Corresponds to the "weekday" data type in the SQL query.
6. Click Save.

Page top