Skip to main content
User behavior analytics (UBA) extends your USM Anywhere Sensor’s awareness by enabling it to track actors as well as assets within your environment. With UBA, USM Anywhere can help you identify malicious or compromised , and enable you to better prioritize with the addition of user data. In addition to analyzing users, UBA also analyzes each of a user’s separate accounts, and enables you to manually combine detected users to ensure that your user analytics are accurate. and alarms can thus be enhanced with user data, including user entities and their individual accounts, as either the source user or the destination user. To incorporate UBA into your USM Anywhere instance, you must provide information about all users acting in your environment. Each user must be identified by a unique username and account type. Once users have been identified, there are several tasks that you must complete to ensure that complete and actionable data is being captured and acted upon. This chapter describes these necessary tasks, and covers topics such as user discovery and merging, user scans, user , and configuration. This topic discusses these subtopics: User List View User Discovery Understanding User Status in User Data Sources Viewing Full User Details Events, Alarms, and Notifications Created When a User’s Status Changes Merging Users Deleting Users Importing Users from a CSV File