UEBA: Filter Alerts

Document created by RSA Information Design and Development on Sep 11, 2018
Version 1Show Document
  • View in full screen mode

You can filter the alerts displayed in the Alerts tab by severity, feedback, entity, indicators, and date range.

  1. Log into NetWitness Platform and go to INVESTIGATE > Users > Alerts. The Alerts tab is displayed.
    Users view, Alerts tab
  2. To filter by severity, click Severity in the Alert Filter panel, select one or more options, and then click OK. The options are Select all, Critical, High, Medium, and Low.
  3. To filter by feedback, click the down arrow under Feedback, select one or more options, and then click OK. The options are Select all, No feedback, and Not a risk.
  4. To filter by entity, type a user name or the name of an entity in the Entity field. List of Indicators in the Alerts tab
  5. To filter by date range, click the Date Range down arrow under , select an option, and then click OK. The options are Last week, Last month, and Select Range.

The alerts are displayed in the right pane according to the filter you selected. To clear filters, in the left pane, click Clear.

Previous Topic:Investigate Top Alerts
You are here
Table of Contents > Investigate Top Alerts > Filter Alerts

Attachments

    Outcomes