GSL Builder

The GSL Builder is a sandbox that helps you write and test GSL rules. Some parts of the GSL Builder appear as a GSL Editor when you start to create a new rule for your environment. The GSL Builder provides an interactive graphical interface for all supported entities. CloudGuard constantly updates the list of entities and attributes.

Building a New Rule

00:00: 00:05: Learn how to build a GSL rule in Cloud. 00:09: From the cloud guard, menu, select, cspm and click GSL Builder. 00:14: Access the GSL Builder feature 00:15: Select a platform where you want to apply the rule. 00:17: In this example, we build a rule for workload. 00:20: Vulnerability, this rule will ensure that your package does not have cve 00:24: with high severity. 00:26: Select the context for the rule to apply the rule to an entire package, 00:30: select package. 00:33: In the context of package, Cloud guard, suggests three options to continue. 00:36: The rule should have should not have or where select the second option. 00:42: After that cloudguard shows a list of operators and properties relevant to packages. 00:46: Select the cve option. 00:49: Next select the contain, any option. 00:52: Now, select the category of severity. 00:55: Click on the equals sign 00:58: Enter high and click. 01:00: Close the scope block by clicking on the designated button. 01:03: Now that the rule is ready, click verify to initiate the verification process. 01:08: If everything is correct, Cloud guard validates, the rule created. 01:12: Now, you can copy the rule and add it to a rule set. 01:16: This guide covered the steps to build a GSL rule in CloudGuard. 01:20:

To build a GSL rule, follow the steps below:

Actions

You can export information about protected assets to a CSV file.

To export protected asset information:

  1. Click Export in the upper right and select the detailed view by asset type.

  2. Select an applicable platform, environment or OU, and the asset type.

  3. Click Done.