Reporting: View Alerts View

Document created by RSA Information Design and Development on Sep 14, 2017Last modified by RSA Information Design and Development on Oct 15, 2017
Version 9Show Document
  • View in full screen mode

In the View Alerts view, you can view all the alerts. Also, you can also customize the view to show alerts for a specific period of time, and set the maximum number of alerts displayed in a single page.

Workflow

view an alert workflow 

What do you want to do?

                                           
RoleI want to...Documentation

Administrator/ Analyst

Configure Reporting Engine

Configure Reporting Engine

Administrator/ Analyst

Configure an alert

Configure an Alert

Administrator/ Analyst

Schedule an alertSchedule an Alert

Administrator/ Analyst

View an alert*

View an Alert

Administrator/ AnalystInvestigate an alertInvestigate an Alert
Administrator/ AnalystManage an alert and alert templateManage an Alert and Alert Template

*You can complete these tasks here.

Related Topics

Alerting Overview

Configure an Alert

Schedule an Alert

View an Alert

Quick View

The following figure is an example with the important features labeled.

view alerts

view alerts tab

                         
1Click MonitorReports to view the Manage tab.
2Click Alerts to open the Alert view.
3

Click View Alerts to view the different panels on View Alerts.

4The View Alerts toolbar allows you to filter alerts based on a count, or the start and end date of the alerts.
5 The View Alerts List  lists all the filtered alerts in a tabular format.

The View Alerts view has the following panels:

  • View Alerts Toolbar
  • View Alerts List

View Alerts Toolbar

The following table lists the operations in View Alerts toolbar panel.

                 
OptionDescription
Last Hour(s) dataThe data fetched from the previous execution.
Max No Of Alerts

The maximum number of alerts that you want to fetch from the Reporting Engine service for a specific time-range.

 

View Alerts List

The following table lists the columns in the View Alerts List panel.

                             
ColumnDescription

The icon that opens the Investigation module, where the details of the first session that registered the match for the given alert is displayed for immediate analysis.

Note: You are not redirected to the Investigation module when:
-You reconfigure a data source for an existing alert and run an alert on the new data source.
-You enter a host name instead of an IP address in the data source field.

NameThe name of the alert that registered the match. The hyperlink on the name opens the Investigation module to view all matches for that particular alert for the hour surrounding the registered alert. 
Number of hitsThe number of times the alert is generated.
DetectedThe date and time at which the alert generates.
MessageThe alert message.
You are here
Table of Contents > Alerting References > View Alerts View

Attachments

    Outcomes