Investigate an Alert ViewInvestigate an Alert View
In the Investigate an Alert view, you can view and investigate alert details. When investigating an alert, you can open the sessions in the Investigation module for further investigation.
Workflow
What do you want to do?
| Role | I want to... | Documentation |
|---|---|---|
|
Administrator/ Analyst |
Configure Reporting Engine |
|
|
Administrator/ Analyst |
Configure an alert |
|
|
Administrator/ Analyst |
Schedule an alert | Schedule an Alert |
|
Administrator/ Analyst |
View an alert |
|
| Administrator/ Analyst | Investigate an alert* | Investigate an Alert |
| Administrator/ Analyst | Manage an alert and alert template | Manage an Alert and Alert Template |
*You can complete these tasks here.
Related Topics
Quick View
The following figure is an example with the important features labeled.
The View an Alert view has the following panels:
- View Alerts Toolbar
- View Alerts List
View Alerts List
The following table lists the columns in the View Alerts List panel.
| Column | Description |
|---|---|
|
The icon that opens the Investigation module, where the details of the first session that registered the match for the given alert is displayed for immediate analysis. Note: You are not redirected to the Investigation module when: |
| Name |
The name of the alert that registered the match. The hyperlink on the name opens the Investigation module to view all matches for that particular alert for the hour surrounding the registered alert. |
| Number of hits |
The number of times the alert is generated. |
| Detected |
The date and time at which the alert generates. |
| Message |
The alert message. |
