Viewing Advanced Alerts

From the Alerts > Advanced Alerts page, you can view all triggered alerts, and can acknowledge or filter them.

From the Alerts page, you can perform the following tasks:

  • Acknowledge alerts

    Acknowledging an alert indicates that you have recognized the alert. Once you acknowledge the alert, your user name gets associated with that alert. For instructions on how to acknowledge alerts, see Acknowledging Alerts.

  • Delete alerts

    You can select alerts from the list and delete them by clicking Delete.

  • Auto-refresh the list of alerts

    Click the down arrow next to the refresh button and enter the refresh interval in seconds. The Alerts table is then refreshed at that interval; by default, it is refreshed every 30 seconds. Clicking the Pause button halts refreshing, and the Pause button changes to Resume. Clicking Resume resumes refreshing the list of alerts.

  • Filter alerts

    You can quickly find the desired alert by typing the alert name in the Find field. As you start typing the alert name in the Filter field, the Alerts page is automatically refreshed showing your selection.

  • View alerts based on filters

    You can use filters to easily find alerts. Click the View list to view different filters.

    • All - all alerts in the system
    • Acknowledged - alerts that have been acknowledged
    • High Severity - alerts with high severity
    • Unacknowledged - alerts that have not been acknowledged

  • Sort alerts

    You can sort any column in ascending or descending order. To sort by a column, click on the column name or the arrow next to the column name.

  • Show or hide columns

    You can show or hide columns, except the mandatory column, from the table. Click to view all available columns in the table. Select the check box to show the column. Clear the check box to hide the column from the table. The Alerts page is updated immediately.

  • View alert details

    See also: Viewing Alert Details.

The following table describes the Alerts information displayed on the Alerts page:

Severity
    The severity of the trigger. The options are:
      • Info
      • Low
      • Medium
      • High
    Note: An admin (a user with administrator privileges) can configure severity options. The options might differ if they have been configured.

SLA Expiration
    The Service Level Agreement (SLA) expiration time is the time by which an operator is expected to acknowledge the alert. Once the SLA time has expired, this column shows the time since expiration as a negative number of hours or days.

Status
    The icon indicates the alert status:
      • expired
      • acknowledged
      • unacknowledged

Acknowledged
    A check mark indicates that the alert is acknowledged. Otherwise this field is blank.

Name
    The trigger name associated with the alert.

Trigger Group
    The group to which the trigger belongs.

Description
    The description of the alert.

Category
    The category of the trigger. The options are:
      • Attack on third party
      • Authorized Activity
      • Authorized security testing
      • Emergency changes
      • False positive
      • Known error
      • LogLogic Event
      • Network Noise
      • Security Alert
      • Suspicious Activity
      • Unauthorized Activity
      • Unknown
    Note: An admin (a user with administrator privileges) can configure the category options. The options might differ if they have been configured.

Elapsed time
    The time since the alert was created.

Last updated
    The time when the alert was last updated.
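The View filters, the Find field, column sorting and the SLA Expiration and Status columns described above all operate on the same alert record. The following Python model is an added example, not code from the LogLogic product, and it assumes its own field names (`acknowledged_by`, `sla_expiration`) and a display rule in which an acknowledged alert shows as "acknowledged" even after its SLA has passed; the product's internal logic is not documented on this page. The sample alerts and timestamp are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from operator import attrgetter
from typing import Callable, Dict, List, Optional


@dataclass
class Alert:
    """One row of the Advanced Alerts table (field names are assumptions)."""
    name: str
    severity: str                 # Info / Low / Medium / High (admin-configurable)
    sla_expiration: datetime      # deadline for an operator to acknowledge
    acknowledged_by: Optional[str] = None   # user name recorded on acknowledge


def acknowledge(alert: Alert, user: str) -> Alert:
    """Acknowledging associates the user name with the alert."""
    alert.acknowledged_by = user
    return alert


def sla_remaining(alert: Alert, now: datetime) -> timedelta:
    """Signed time until the SLA deadline; negative once it has passed."""
    return alert.sla_expiration - now


def format_sla(delta: timedelta) -> str:
    """Render the SLA column: hours under one day, otherwise days.
    Expired alerts get a leading minus sign, as the page describes."""
    sign = "-" if delta < timedelta(0) else ""
    hours = abs(delta).total_seconds() / 3600
    if hours < 24:
        return f"{sign}{int(hours)}h"
    return f"{sign}{int(hours // 24)}d"


def status(alert: Alert, now: datetime) -> str:
    """Status icon: acknowledged, expired, or unacknowledged (assumed precedence)."""
    if alert.acknowledged_by:
        return "acknowledged"
    if sla_remaining(alert, now) < timedelta(0):
        return "expired"
    return "unacknowledged"


# The four entries of the View list on the Alerts page.
VIEWS: Dict[str, Callable[[Alert], bool]] = {
    "All": lambda a: True,
    "Acknowledged": lambda a: a.acknowledged_by is not None,
    "High Severity": lambda a: a.severity == "High",
    "Unacknowledged": lambda a: a.acknowledged_by is None,
}


def apply_view(alerts: List[Alert], view: str) -> List[Alert]:
    return [a for a in alerts if VIEWS[view](a)]


def find(alerts: List[Alert], text: str) -> List[Alert]:
    """The Find field: case-insensitive match on the alert name."""
    return [a for a in alerts if text.lower() in a.name.lower()]


def sort_by(alerts: List[Alert], column: str, descending: bool = False) -> List[Alert]:
    """Sort by any column, ascending or descending."""
    return sorted(alerts, key=attrgetter(column), reverse=descending)


# Constructed sample data: a fixed "now" and three alerts around it.
NOW = datetime(2024, 1, 10, 12, 0, tzinfo=timezone.utc)
ALERTS = [
    Alert("Multiple failed logins", "High", NOW + timedelta(hours=4)),
    Alert("New admin account created", "Medium", NOW - timedelta(hours=30)),
    Alert("Port scan from internal host", "Low", NOW - timedelta(hours=2),
          acknowledged_by="analyst1"),
]


def render_table(alerts: List[Alert], now: datetime) -> List[str]:
    """Produce one text row per alert: Severity, SLA Expiration, Status, Name."""
    return [
        f"{a.severity:<7} {format_sla(sla_remaining(a, now)):>5} "
        f"{status(a, now):<15} {a.name}"
        for a in alerts
    ]


if __name__ == "__main__":
    for row in render_table(sort_by(ALERTS, "sla_expiration"), NOW):
        print(row)
```

The unacknowledged alert whose SLA passed 30 hours ago renders as "-1d" with the expired icon, which is the row an operator sorting by SLA Expiration would see at the top; the High Severity view returns only the first alert.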

Limitation

If you use a correlation Blok in an Advanced Search and the result includes 'null' values, the triggered alerts do not include the items that contain 'null' values.

Related tasks