For cyber detection we have various ways to detect a compromised username/account. Once we have this we can insert a row in the Tealeaf SQL table for a dimension "Compromised username". That way we can track if any of the compromised usernames had any suspicious activity, ex. potential exploit transactions. Currently these SQL inserts are only picked up by the canisters if A. the Canister services are restarted (=heavy Tealeaf user impact); or B. Event changes are saved in the Tealeaf Portal event manager screen. (=manual). Since we are dealing with cyber scenarios, we cannot wait (up to) 24 hours for Tealeaf canister services to get restarted overnight, and we also cannot keep making event changes just to force the Portal to send a fresh copy of the events and dimensions to the canisters. Instead, we want a way to dynamically trigger the canisters to get a fresh copy, on demand. We would like to be able to trigger from SQL or from a Windows batch file. Note: this is a follow up to ticket TS001946017.
What is your industry? | Financial Markets |
What is the idea priority? | High |