1.Select the sensor (selected if there is an ‘x’ next to it
2.Select “Alarms” in pane 2
3.Create a simple or very complex filter to search the customers Alarms
4.Save this search for later (or create a tripwire and get new Alarms sent via email)
5.You can also look at a ‘grouped’ view of Alarms
1.Review all the events that were used to create the Alarm
2.Take action on the Alarm
- Assign the Alarm to a user
- Notify the contacts
- Create a ticket
- Close the Alarm
- Mark the Alarm as a false positive
- Mark the Alarm as ‘acknowledged’
3.Review the asset that produced the Alarm
Comments