the Alerts tab to see the list of alerts triggered. By default,
the Alerts tab lists all the alerts triggered so far. The triggered alerts can be administered by the users of Firewall Analyzer application.
This topic explains the following sub-topics of alert administration.
The administrator or operator can keep track of the actions taken on a particular alert. The actions are:
- The user can add a note or view the note(s) added by other users.
- The users can view the complete history of actions and notes on the alert but will not be able to modify the contents.
- The administrator can assign an alert to operator user.
- The operator can assign the alert to another operator user.
- The assigned user can remediate the alert and add the notes.
- The administrator only can delete the alerts which are not required any longer.
The All Alerts list shows the following:
||- the alert profile which triggered the alert.
||- the time stamp of the alert.
||- the host which triggered the alert.
||- the alert priority (high, medium, low) which was set as per requirement at the alert profile creation time.
||- the status of the alert notification, if any notification is configured.
||- the Firewall Analyzer application user assigned as owner to remediate the triggered alert
|| - the action by the user on the alert, to add or view notes on the alert and delete the alert.
Clicking on each alert profile would display the details of the alert and the details of the alert profile which triggered the alert.
The Alert Details are:
- the alert priority (high, medium, low) which was set as per requirement at the alert profile creation time
the host which triggered the alert.
|Last Event Message
||- the last event (type) message, which triggered the alert notification.
|Alert Profile Name
||- the name of the alert profile which triggered this alert. Besides the name, there is a link named "View all the alerts generated by this profile". Clicking the link displays all the alerts generated by the profile.
|Alert Notification Status
- the status of the alert notification, if any notification is configured.
|Date & Time
||- the time stamp of the alert.
|| - the action by the user on the alert, to add or view notes on the alert, assign owner, view alert history, and delete the alert.
The Alert Profile Details are:
||- the matching condition(s) set in the alert profile to triggered an alert.
||- displays the record of the last event, which triggered the alert notification.
The actions which can be performed by the users are:
||- the user can add a note or view the already existing note entries pertaining to this alert. Any user can add a note to the alert.
||- any user, higher in the hierarchy can assign an user, lower in the hierarchy, as owner to the alert to remediate. The hierarchy of users in the Firewall Analyzer application is: Admin > Operator > Guest. The lower hierarchy users can assign the alert to the user of same hierarchy, but cannot assign to the user in higher hierarchy.
||- all the actions like creation, assigning owner along with the notes, if any will be listed for the particular alert.
||- the administrator user can only delete the alert if it is not required any longer.
My Alerts lists the alerts assigned to an operator user either by another operator user or admin user. Same way, it lists the alerts assigned to an admin user either by another admin user or himself. It is displayed below the All Alerts on the Left Navigation Pane, only if alerts were assigned to the logged-in user. The My Alerts list displays the alert details same as that of the All Alerts list.