Incident Management: Alerts Details View

Document created by RSA Information Design and Development on May 10, 2016
Version 1Show Document
  • View in full screen mode
 
  

In the Alerts Details view, you can see the details of an alert.

To access the Alerts Details view:

  1. 1. In the Security Analytics menu, select Incidents > Alerts.
  2. Double-click an alert.

    The Alert Details view is displayed.

    Alerts Details View.png

Related procedures are available in Filter Alerts.

Features

The following table lists the parameters displayed in the Alerts Details view. 

                                 
ParameterDescription
Total EventsDisplays the total number of events.
SeverityDisplays the level of severity.
Risk ScoreDisplays the level of risk.
Alert Rule IDDisplays how and by whom the alert was created.
CreatedDisplays details about the date and time when the task was created.
SourcesDisplays the original source.

Toolbar

The following table lists the operations that can be performed in the Alerts Details view.

                                
ParameterDescription
Back to AlertsAllows you to navigate back to the Alerts View.
Show Raw AlertDisplays Raw Alert Data details.
View Event DetailsDisplays details of the event including: related links, data, destination, and source.
View Original EventDisplays Event Reconstruction and details on the service, id, type, source, destination, and service.
You are here: Incident Management Reference Information > Alerts View > Alerts Details View

Attachments

    Outcomes