Managed Threat Hunting (MTH) must be configured by a Global Administrator before the MTH team can begin to hunt for threats in your OneView sites. First, you must subscribe to the MTH service before you can configure the settings in OneView. For more information, see Subscribe to Add-ons in OneView.
When adding this service to a site, the MTH team must know which OneView users to contact when remediation steps are required for detections or suspicious activities. Select OneView users for primary, backup, and alternate contacts that the MTH team can notify.
Note: The selectable contact users are either Global Administrators or Site Administrators assigned to the site in OneView.
OneView notifications are created for all contacts selected on this page. For more information, see Set up Managed Threat Hunting notifications in OneView.
When deleting a OneView user who is an MTH contact from the Settings > Users page, you are prompted to select a new MTH contact.
Global Data Protection Regulation
CAUTION - This setting cannot be changed later. Confirm the correct selection is made before clicking Save.
Global Data Protection Regulation (GDPR) is a regulation on data protection and privacy in the European Union (EU) and European Economic Area (EEA). If you have any endpoints protected by OneView located in the EU or EEA, select Yes. This selection controls where data for MTH is stored.
Connect to MTH portal
Once contact configuration is complete, on the top right of your console click MTH Portal or MDR/MTH Portal. This connects your account to to begin threat hunting.
Return to Managed Threat Hunting.