Triggered Alert Details

The Triggered alert details tab shows detailed information on the triggered analytics rule alert and all events that caused it.

The data can be viewed as a table or as plain text. To switch between these views, click Switch to plain text view or Switch to table view at the bottom of the screen.

The following details about the triggered alert are displayed.

Name

Description

Triggered alert

The triggered alert ID.

Time

The time when the analytics rule was triggered. Displayed in the timezone set in UserGate SIEM.

Priority

The priority of the triggered alert configured in the settings:

  • Low: low response priority

  • Normal: needs attention and may need response

  • Important: needs attention and response

  • Critical: requires urgent response.

Rule

The name of the triggered analytics rule.

Find incident

Click this button to find incidents where this triggered alert is used.

Event list

The list of events that caused the triggered alert.

Clicking the Show triggered alerts button will take you to the Triggered alerts tab showing the list of triggered alerts for the selected analytics rule.