The Triggered alert details tab shows detailed information on the triggered analytics rule alert and all events that caused it.
The data can be viewed as a table or as plain text. To switch between these views, click Switch to plain text view or Switch to table view at the bottom of the screen.
The following details about the triggered alert are displayed.
Name |
Description |
---|---|
Triggered alert |
The triggered alert ID. |
Time |
The time when the analytics rule was triggered. Displayed in the timezone set in UserGate SIEM. |
Priority |
The priority of the triggered alert configured in the settings:
|
Rule |
The name of the triggered analytics rule. |
Find incident |
Click this button to find incidents where this triggered alert is used. |
Event list |
The list of events that caused the triggered alert. |
Clicking the Show triggered alerts button will take you to the Triggered alerts tab showing the list of triggered alerts for the selected analytics rule.