A data integration mapped to Web Activity entity IOC columns does not update the measures of IOC dimensions in the Information Centric Analytics (ICA) Analyzer.

The data source query's import rule mapping does not map a source column to the entity column IOCSourceIndicatorID.

Release : 6.5.4

Component : IOC

Update the data source query's import rule mapping to map a source column to the entity column IOCSourceIndicatorID:

• Launch a browser and open the ICA console
• Navigate to Admin > Integration > Data Integrations
• Locate the integration pack with the import rule mapping in question
• Select the import rule mapping and click the Edit button
• Scroll to the Optional Fields section of the mapping and locate the entity column IOCSourceIndicatorID
• Choose a source column or provide a formula to map to IOCSourceIndicatorID
• Click the Save button

A complete listing of IOC dimensions in ICA can be found in the following section of the Symantec Information Centric Analytics Reference Guide:

https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/information-centric-analytics/6-5-4/Reference_Guide_5/Dimensions_1/dimensionsF2S2.html