Viewing Findings Rule Information
  • 24 Dec 2023

Viewing the Findings Rule Configuration

To view the rule configuration

  1. In the Rules Manager table, click a rule.

In the Rule drawer that opens, in the Rule Configuration tab, you can view the rule configuration, the Trigger Condition, Scheduling, Mute Conditions, and External Notification. Learn more about these parameters in the section that describes how to create a new Findings rule.

Viewing the Findings Rule Alerts History

From the Rules Manager table, you can click a specific rule to open its Rule drawer and use the Alerts History tab to view the list of alerts since the last time the rule triggered an alert with notification (i.e., was unmuted).
While notification for a rule is muted, alerts are still created but no notification is sent. When the first alert is created with notification not muted (the top row in the Alerts section), all the alerts that were triggered while notifications were muted are written to the Alerts section under this alert.
You can also navigate to the Alert drawer of any alert in the Alerts section.

The Alerts History tab includes the following information:

  • Rule overview - The top row of the Alerts History tab. Displays all the information from the row of the selected rule from the Rules Manager table, as well as Alert Count - the number of times the rule triggered an alert since the last time it triggered an alert and notified. This count includes the current alert and the muted alerts (without notification) since the last notification.
  • Trigger Condition - The configuration of the condition in the rule that triggered this alert.
  • Alerts - A section listing the alerts that have been triggered since the last alert with notification. The top row is the current alert (unmuted, with notification) and the rows below it are the rows of the muted alerts, from the most recent to the earliest. You can click any row in this table to open its Alert drawer. This table shows the following information:
    • Alert ID - The ID number of the alert. This number is assigned by the system in sequential order.
    • Date and Time - The date and time that the rule triggered the alert.
    • Alerts Count - The number of alerts (always 1).
    • Status - The status of the alert. Available statuses: Unseen, Open, In Progress, Closed, Canceled. When you open an Unseen alert from this table, the status of the alert changes to Open in the Alerts table.

To view the alerts that were triggered by a specific rule

  1. In the Rules Manager table, click a rule.
  2. In the Rule drawer that opens, click the Alerts History tab. The Alerts History dialog opens.
  3. You can click any alert in the Alerts section to open its Alert drawer.

Note: If the rule has not yet run, the Alerts History tab displays the message: "No alert history for this rule".

Viewing Triggered Alert Information

You can open the Alert drawer of any alert that was triggered by a specific rule to view its detailed information.

To view information on an alert triggered by the rule

  1. In the Alerts History of a rule, in the Alerts section, click an alert. Its Alert drawer opens.
