Reporting: Additional Procedures 57447

Document created by RSA Information Design and Development on Jul 29, 2016
Version 1Show Document
  • View in full screen mode
 
 

Overview

This topic is a collection of individual procedures, which an Administrator may perform at any time and they are not required to complete the initial setup of licensing. These procedures are presented in alphabetical order.

Introduction

Use this section when you are looking for instructions to perform a specific task after the initial setup of templates.

 

Topics
  • This topic provides instructions on how to delete an alert.
  • This topic provides instructions on how to disable the selected alerts and remove the alerts from the Decoder and Log Decoder.
  • This topic provides instructions on how to edit an alert.
  • This topic provides instructions on how to activate an alert to execute and send output actions every minute, when the alert conditions are met.
  • This topic provides instructions on how to export alerts to an external file that can be later imported to Security Analytics.
  • This topic  provides instructions on how to import alerts from other instances of Security Analytics into Alert List panel. Alerts imported from another Security Analytics instance must be of a valid binary file. During the import process, you select the binary file, and specify whether or not existing alerts with the same name should be overwritten by alerts contained in the binary import file. If you choose to overwrite, all duplicate rules, lists, and alerts are overwritten by the contents of the binary import file. If you choose not to overwrite, and if a duplicate rule, list, or alert exists in the target folder, the import will still happen and no message about duplicate alerts is displayed.
  • This topic provides instructions on how to refresh the list of alerts.

Attachments

    Outcomes