Oracle Cloud Infrastructure Documentation

Managing OCI Targets

You can add targets to expand or change the scope of resources that Cloud Guard monitors, and you can change the detector and responder recipes, and edit the detector and responder recipe rules that Cloud Guard uses to do the monitoring.

A target defines the scope of what Cloud Guard checks. An OCI target can consist of your entire OCI tenancy, or any combination of compartments below the top level. You specify at least one target when you enable Cloud Guard. You can define more targets later, as needed.

You can perform the following OCI target management tasks:

  • Listing OCI Targets and Getting Their Details
    • List existing OCI targets.
    • View information for a specific target: attached detector and responder recipes, and settings in the settings of attached detector and responder recipes.
  • Creating an OCI Target
    • Create a new OCI target from a compartment hierarchy in an existing target.
    • Create a new OCI target from compartments not mapped to any other target.
  • Editing an OCI Target and Its Attached Recipes
    • Change the combination of recipes attached to a target,
    • Add or change tags assigned to the target.
  • Editing Detector Rule Settings in an OCI Target's Recipes

    Make changes in detector rule settings that apply only to resources in the compartments that are mapped to the target:

    • Change detector rule parameters that control whether a problem is triggered.
    • Enable and disable individual detector rules.
  • Editing Responder Rule Settings in an OCI Target's Recipes

    Make changes in responder rule settings that apply only to problems triggered in the compartments that are mapped to the target:

    • Change responder rule parameters that control how a triggered problem is processed.
    • Enable and disable individual responder rules.
    • Set responder rules to execute automatically or manually.