Manage Top Alerts

You can export a list of all alerts to a .csv file format. You can use this information to compare the data from other sources in other data analysis tools like tableau, powerbi, and zeppelin.

To export alert data to a .csv file:

  1. Go to Investigate > Entities > Alerts.
    The Alerts tab is displayed.
    Users View, Alerts tab
  2. On the top right, click Export.
    All the alert data is downloaded in a .csv file format. The following figure is an example of the exported alert data in .csv format:

    Exported csv values displayed in spreadsheet format

Set Alert Feedback Status

The analyst can mark alerts as Not a Risk or they can remove the Not a Risk feedback status by updating it to None. Also, multiple alerts grouped by date can be selected to perform this action.

To set an alert feedback status:

  1. Go to Users > Alerts.
    The Alerts tab is displayed with a list of alerts.

netwitness_altfb.png

  1. Select the checkbox netwitness_altfb1.png and click Not a Risk to mark all the alerts as not risky.

netwitness_altfb2.png

A confirmation message is displayed to confirm the change.

  1. Click OK, to confirm the status or click Cancel if you don’t want to continue with the update.

Note: All alerts that are marked as Not a Risk will not contribute to the entity's score.