A data integration mapped to Web Activity entity IOC columns does not update the measures of IOC dimensions in the Information Centric Analytics (ICA) Analyzer.

Release : 6.5.4

Component : IOC

The data source query's import rule mapping does not map a source column to the entity column IOCSourceIndicatorID.

Update the data source query's import rule mapping to map a source column to the entity column IOCSourceIndicatorID:

• Launch a browser and open the ICA console
• Navigate to Admin > Integration > Data Integrations
• Locate the integration pack with the import rule mapping in question
• Select the import rule mapping and click the Edit button
• Scroll to the Optional Fields section of the mapping and locate the entity column IOCSourceIndicatorID
• Choose a source column or provide a formula to map to IOCSourceIndicatorID
• Click the Save button

A complete listing of IOC dimensions in ICA can be found in the following section of the Symantec Information Centric Analytics Reference Guide:

https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/information-centric-analytics/6-6/Reference-Guide/measures3.html