Rules Manager Page

Rules Manager Table

The Rules Manager table lists all Findings Rules defined in Axonius, sorted by the date that the rule triggered an alert, from the most recent to the earliest.

The Rules Manager table provides the following information:

Field	Description
Severity	Severity of the rule. Available options are: Informational, Low, Medium, High, Critical
Rule Name	The name of the Findings rule.
Last Notified	The latest date and time (UTC) that the rule ran the trigger condition and notified of the alert.
Check and Notify	The frequency that the rule is scheduled to run.
Entity Type	The asset that is checked. For example, Devices, Application Settings, Adapters Fetch History,Tickets, Users.
Rule Type	The type of rule. Available option is: Blank (forCustom Rule).
Trigger Condition	The condition that sets off the alert.
Mute Condition	The criteria for muting the alert.
Alert Count	The number of times the rule checked that the condition exists and created an alert until and including the most recent notification. Alerts created during muting of notifications are only added to the count the next time an alert is created with notification.
Activity Status	Status of the rule.

Field

Description

Severity

Severity of the rule. Available options are: Informational, Low, Medium, High, Critical

Rule Name

The name of the Findings rule.

Last Notified

The latest date and time (UTC) that the rule ran the trigger condition and notified of the alert.

Check and Notify

The frequency that the rule is scheduled to run.

Entity Type

The asset that is checked. For example, Devices, Application Settings, Adapters Fetch History,Tickets, Users.

Rule Type

The type of rule. Available option is: Blank (forCustom Rule).

Trigger Condition

The condition that sets off the alert.

Mute Condition

The criteria for muting the alert.

Alert Count

The number of times the rule checked that the condition exists and created an alert until and including the most recent notification. Alerts created during muting of notifications are only added to the count the next time an alert is created with notification.

Activity Status

Status of the rule.

Searching and Filtering Rules

You can filter the rules that are displayed.

The following filters are available:

Search Findings - Search for any text in a rule.

Severity - Display rules of specific severities. From the dropdown, select one or more of the following: Informational, Low, Medium, High, Critical

Check and Notify - Display rules of a specific run schedule. From the dropdown, select one or more of the following: Every global discovery cycle, Every x hours, Every x days, Days of week, Days of month

Entity Type - Display rules on one or more entities (i.e., asset types).

From the Entity Type dropdown, select one or more entities (i.e., asset types) to return the Rules that apply to these asset types. For example: Users, Adapters Fetch History, Application Settings, Devices, Tickets. The assets in the dropdown are listed according to asset category (as on the Assets page). In addition, it is possible to type and search to easily locate in the dropdown, the asset type required.

Trigger Condition - Display rules with triggers of one or more condition types: Simple query threshold, Query comparison, Query change over time

Mute Condition - Display rules with one or more of the following mute types: Off (no muting), Mute time after first alert, Mute on specific dates, Mute daily in this time range

Rule Type - Display rules of the following type: Blank (forCustom Rule)

Note:

The filters only show those options that appear in the Rules Manager table.
If you want to filter by many options, you can click Select All to select all options, and then click those options that you want to deselect.

Rule Retention

The Rule Manager pages always display the latest 100,000 rules.

Viewing Rules

Rules Manager Table

Searching and Filtering Rules

Rule Retention

Performing Actions on Rules

Deleting Rules

What's Next