Viewing Rules
- Updated on 17 Apr 2024
Use the Rules Manager page in the Findings Center to view all rules defined in the Axonius Findings Center.
To view the Findings rules:
- In the left navigation panel, click the Findings icon.
- Click the Rules Manager tab. The Rules Manager page opens.
Rules Manager Table
The Rules Manager table lists all Findings Rules defined in Axonius, sorted by the date that the rule triggered an alert, from the most recent to the earliest.
The Rules Manager table provides the following information:
Field | Description |
---|---|
Severity | Severity of the rule. Available options are: Informational, Low, Medium, High, Critical |
Rule Name | The name of the Findings rule. |
Last Notified | The latest date and time (UTC) that the rule ran the trigger condition and notified of the alert. |
Check and Notify | The frequency at which the rule is scheduled to run. |
Entity Type | The asset that is checked. For example, Devices, Application Settings, Adapters Fetch History, Tickets, Users. |
Rule Type | The type of rule. Available option is: Blank (for Custom Rule). |
Trigger Condition | The condition that sets off the alert. |
Mute Condition | The criteria for muting the alert. |
Alert Count | The number of times the rule checked that the condition exists and created an alert until and including the most recent notification. Alerts created during muting of notifications are only added to the count the next time an alert is created with notification. |
Activity Status | Status of the rule. |
Searching and Filtering Rules
You can filter the rules that are displayed.
The following filters are available:
Search Findings - Search for any text in a rule.
Severity - Display rules of specific severities. From the dropdown, select one or more of the following: Informational, Low, Medium, High, Critical
Check and Notify - Display rules of a specific run schedule. From the dropdown, select one or more of the following: Every global discovery cycle, Every x hours, Every x days, Days of week, Days of month
Entity Type - Display rules on one or more entities (i.e., asset types).
- From the Entity Type dropdown, select one or more entities (i.e., asset types) to return the rules that apply to these asset types. For example: Users, Adapters Fetch History, Application Settings, Devices, Tickets. The assets in the dropdown are listed according to asset category (as on the Assets page). You can also type in the dropdown to search for the asset type you need.
Trigger Condition - Display rules with triggers of one or more condition types: Simple query threshold, Query comparison, Query change over time
Mute Condition - Display rules with one or more of the following mute types: Off (no muting), Mute time after first alert, Mute on specific dates, Mute daily in this time range
Rule Type - Display rules of the following type: Blank (for Custom Rule)
- The filters only show those options that appear in the Rules Manager table.
- If you want to filter by many options, you can click Select All to select all options, and then click those options that you want to deselect.
Rule Retention
The Rules Manager pages always display the latest 100,000 rules.
Performing Actions on Rules
Deleting Rules
Delete a single rule or a selection of rules using the Delete action.
For general information about working with tables, refer to Working with Tables.