Login
    Contents x
    Viewing Alert Information
    • 05 Sep 2023
    • 4 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Viewing Alert Information

    • Updated on 05 Sep 2023
    • 4 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    The Source column in the Alerts table displays the source of the alert.
    You can click an alert row to view the alert's detailed information and attempt to fix it.

    Viewing a Findings Center Alert

    From the Alerts page, you can click an alert (i.e., an unmuted alert that you have been notified about) originating from the Findings Center to open its Alert drawer with all its detailed information.
    For example:

    AlertDrawer

    The Alert drawer includes the following:

    • Alert overview - The top row of the Alerts drawer. Displays all the information from the row of the selected alert from the Alerts table, as well as Alert Count - the number of times the alert was triggered since the last alert with notification was triggered. This count includes the current alert and the muted alerts (without notification) since the last notification.

    • Trigger Condition - The configuration of the condition in the rule that triggered this alert.

    • Alerts - A table listing the alerts that have been triggered since the last alert with notification. The top row is the current alert (unmuted, with notification) and the rows below it are the rows of the muted alerts, from the most recent to the earliest. This table shows the following information:

      • Alert ID - The ID number of the alert. This number is assigned by the system in sequential order.

      • Result - The number of assets in the query that met the trigger condition and created the alert. From the top alert (current, with notification), you can pivot to this list of assets.

      • Date - The date and time of the triggered alert.

    • Link to the Findings Center rule that triggered this alert - in the Alert drawer header.

    To view the source of a Findings Center alert

    1. In the Alerts table, click an alert with Source = Findings Center. The Alert drawer opens.
    2. Pivot to the alert assets.
    3. Open the rule that triggered this alert.
    4. Attempt to fix the alert.
    5. Manually update the status of the alert, as relevant.

    Viewing Alert Assets

    Note:

    If you have modified the rule that triggered the alert, old links (i.e., of alerts that were triggered prior to the rule modification) used to pivot to assets will not work. To learn more, refer to the note in Editing a Findings Rule.

    The Alerts section shows all the alerts triggered by the rule (including muted alerts), with the most recent one on top of the list. From the most recent alert, you can pivot to the list of assets that crossed the threshold and therefore created the alert.

    To pivot to alert assets

    1. In the Alert drawer, under the Alerts section, click the number of assets under the Result column of the most recent alert. The relevant assets page opens, displaying the assets that meet the trigger condition.

    Opening the Triggering Rule

    From the Alert drawer, you can open the configuration of the rule that triggered the alert. You can update the rule configuration, if required.

    To open the triggering rule

    1. In the header of the Alert drawer, click the FindingsIcon Go to Findings Rule icon. The Findings rule that triggered this alert opens.
    2. Update the rule configuration, if required.

    Viewing an Enforcement Center Alert

    You can view system alerts sent from the Enforcement Center.

    EnforcementCenterAlert

    To view the source of an Enforcement Center alert

    1. In the Alerts table, click an alert with Source = Enforcement Center. The Run drawer within the Run History screen opens, showing the results of the enforcement run. You can go to the assets from the Run History drawer.
    2. Attempt to fix the cause of the alert.
    3. Manually update the status of the alert, as relevant.

    Viewing an Adapter Connection Alert

    You can view the notifications sent from the Adapters module when there is an adapter connection issue.

    AdapterALert

    To view the source of an Adapter Connection alert

    1. In the Alerts table, click an alert with Source = Adapter Connection. The screen of the adapter with the connection alert opens (refer to Adapter Connections). For example:
      AdapterError
    2. Click the Error icon. The Connection screen opens, showing the error. For the adapter in the above example:
      ConnectionError
    3. Attempt to fix the cause of the alert.
    4. Manually update the status of the alert, as relevant.

    Viewing a Settings Alert

    You can view system alerts sent from the Settings module. For example, CPU/memory alerts.

    To view the source of a Settings alert

    1. In the Alerts table, click an alert with Source = Settings. The relevant system settings screen opens.
    2. Attempt to fix the cause of the alert.
    3. Manually update the status of the alert, as relevant.
    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout