Alerts
The Alerts tab displays detailed information on alerts or incidents recorded in the organization. For each alert the severity, reporting time, rule name, category, user, reporting products, and other details are displayed in a tabular view.
Note: The Alerts tab displays detailed information on alerts recorded in the organization. For each alert the severity, reporting time, rule name, category, user, reporting
products, and other details are displayed in a tabular view. Alerts are retained for 90 days.
Filtering capability allows for filtering based on specific columns in the Alerts tab. Filtering is supported on following columns: Alert id,Severity, Risk ImpactStatus, Activity, Assignee, Reported time (UTC).
- 1
- Alert id: A unique identifier for each alert.
- 2
- Transaction id: A unique identifier for the DLP event that triggered the alert.
- 3
- Severity: Indicates the alert severity.
- 4
- Risk Impact: Indicates whether the associated alert risk severity.
- 5
- Status: Indicates the alert status
- 6
- Assignee
- 7
- Reported time (UTC): Indicates the UTC reporting time for a specific alert.
- 8
- Activity: Description of the user activity that raised the alarm.
- 9
- Action: The action that was taken by the system. For example, Allow or Block.
- 9
- Category: Indicates the category of data breach. For DLP Alerts the category is equivalent to the matched DLP Policy name.
- 4
- Policy: The name of the policy that was matched. If more than one policy matches, the number of additional policies is displayed, and users can click it to view the additional policy names.
- 5
- Maximum matches: The maximum number of violations triggered by any given rule in the Incident.
- 20
- Transaction size:
- 10
- Channel: Indicates the channel used by the specific user activity that led to the alerts.
- 11
- Column selector: Used to configure which columns to display in the table.
- 12
- Search: Allows you to find a specific user by their name.
- 13
- Export to CSV: Allows you to export the alert details to a CSV file.
- 14
- Download Agent: Download the latest agent version.
- 15
- Notifications: Notification messages are displayed here.
- 16
- Help Icon: Link to the online documentation and What's New.
- 17
- Account Information: User account information.
- 18
- Quick Actions: Provides option for modifying the status, assignee, and severity.
- 19
- Manage Statuses: Allows to add or edit custom statuses.