About OCI Targets
OCI targets tell Cloud Guard which OCI compartments to monitor, and which detectors to use to do the monitoring.
The compartment assignment that you specify for an OCI target sets the scope of OCI resources that you want Cloud Guard to monitor.
- You specify a single compartment.
- All sub-compartments in the hierarchy below that compartment are automatically included, unless they are already covered by another target
An OCI compartment can only be associated with a single target.
When any compartment in the hierarchy that's specified for one target to monitor is later specified in the compartment hierarchy for another target to monitor, that compartment hierarchy is automatically removed from the first target's compartment hierarchy.
The detector recipes that you associate with an OCI target specify the rules Cloud Guard is to follow in monitoring the OCI resources in the associated compartments.
- An Activity Detector recipe and a Configuration Detector recipe are required.
- Other detector recipes are optional.
- A responder recipe
Optionally, you can associate a responder recipe with a target. The responder recipe specifies rules for actions to be taken, either automatically or with administrator intervention, to correct problems that the detectors identify, Cloud Guard