Alert List View

The Alert List view allows you to import, export, manage, and add alerts.

Workflow

netwitness_alertlist_view_workflow.png

What do you want to do?

Role I want to... Documentation

Administrator/ Analyst

Configure Reporting Engine

Configure Reporting Engine

Administrator/ Analyst

Configure an alert

Configure an Alert

Administrator/ Analyst

Schedule an alert Schedule an Alert

Administrator/ Analyst

View an alert

View an Alert

Administrator/ Analyst Investigate an alert Investigate an Alert
Administrator/ Analyst Manage an alert and alert template* Manage an Alert and Alert Template

*You can complete these tasks here.

Related Topics

Alerting Overview

Quick View

The following figure is an example with the important features labeled.

alert_list_pane1.png

1 Click Alerts to open the Alert view.
2

The Alert toolbar allows you to add, modify, delete, enable, disable, refresh, import, and export an alert. Using this toolbar, you can also set access permissions for the selected alert.

3 The Alert panel lists all the alerts in a tabular format.

The Alerts List view has the following panels:

  • Alert Toolbar
  • Alert

Alert Toolbar

The Alert toolbar panel has the following features:

Feature Description
netwitness_add_17x17.png Adds a new alert to the Reporting module.
netwitness_delete.png Deletes one or more selected alerts.
netwitness_edit_icon.png Edits an alert.
Enable Enables the selected alerts.
Disable Disables the selected alerts.
netwitness_refresh.png Refreshes the view.
netwitness_options_button.png Enables the following options: Import, Export and Permissions.

Alert

The Alert panel lists all the alerts in a tabular format. The following table lists the columns in the Alert panel and their descriptions.

Feature Description
Enabled

Displays the state of the alert:

  • Enabled - the alert is active and fires based on the rule assigned to it.
  • Disabled - the alert is not active.
Pushed?

Indicates whether the alert is sent to Decoders or Log Decoders:

  • Yes - Alert is pushed to Decoders or Log Decoders.
  • No - Alert is not pushed to Decoders or Log Decoders.
Name

Identifies the name of the alert. Clicking the alert name displays the rule on which this alert is based in the Define Rules panel.

Description

Indicates the alert description.

Actions

Indicates the action the system takes when the alert fires. The different available action types are as follows:

  • Record
  • SMTP
  • SNMP
  • Syslog