Skip to content

Commit 2bdabec

Browse files
Merge pull request #44 from netwrix/stuart/auto-reorg-part2
Automatic Folder Restructuring - Part 2
2 parents 210f3c6 + 7d1b80f commit 2bdabec

File tree

2,076 files changed

+54661
-38301
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

2,076 files changed

+54661
-38301
lines changed

docs/1secure/admin/_category_.json

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
{
2+
"label": "Introducing Netwrix 1Secure",
3+
"position": 50,
4+
"collapsed": true,
5+
"collapsible": true,
6+
"link": {
7+
"type": "doc",
8+
"id": "overview"
9+
}
10+
}
Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
{
2+
"label": "Alert Profiles",
3+
"position": 70,
4+
"collapsed": true,
5+
"collapsible": true,
6+
"link": {
7+
"type": "doc",
8+
"id": "overview"
9+
}
10+
}
Lines changed: 136 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,136 @@
1+
---
2+
title: "Alerts"
3+
description: "Alerts"
4+
sidebar_position: 10
5+
---
6+
7+
# Alerts
8+
9+
When you create an alert profile, several alerts are preconfigured for it. You can, however, choose
10+
to enable or disable them as well as add custom alerts to the profile. These alerts are triggered by
11+
specific events. This means that when the defined action (event) is detected within the organization
12+
the alert profile is assigned to, an alert is generated. Alerts notify you of critical actions that
13+
impact your organization's security, enabling you to respond swiftly to potential risks.
14+
15+
You can access the generated alerts in the following ways:
16+
17+
- View the alerts generated for an organization on the Netwrix 1Secure dashboard. See the
18+
[1Secure Dashboard](/docs/1secure/admin/dashboard/overview.md) topic for additional information.
19+
- Receive alerts as email notifications sent to the specified email address(es). See the
20+
[Manage Delivery Settings for an Alert Profile](overview.md#manage-delivery-settings-for-an-alert-profile) topic
21+
for setting up email notifications.
22+
23+
Follow the steps to view the alerts within an alert profile.
24+
25+
**Step 1 –** Navigate to Configuration > Alerts.
26+
27+
**Step 2 –** Click an alert profile. The alerts for the profile are displayed in a list.
28+
29+
![Alerts List within an alert profile](/img/product_docs/1secure/admin/alerts/alertslist.webp)
30+
31+
You can view the following for each alert in the list:
32+
33+
- Source – Indicates the origin or type of data that triggers the alert. For example, Activity
34+
Records.
35+
- Alert Name – The name of the alert
36+
- Is Active – Indicates whether the alert is activated. You can toggle it ON or OFF as required.
37+
- Grouping On – Indicates whether grouping is applied to the alert. If yes, then it displays the
38+
criteria, such as What, Who, Where, etc.
39+
- Threshold – The threshold value set for the alert. The threshold is the minimum number of activity
40+
records that must occur within a specified time frame (threshold period) to trigger an alert.
41+
- Threshold Period – The threshold period set for the alert. The threshold period is the maximum
42+
duration, starting from the first activity record, within which the specified number of activity
43+
records (threshold) must occur to trigger an alert.
44+
- Batching Period – The batching period set for the alert. The batching period feature allows you to
45+
receive a single notification that includes all alerts triggered during the specified period.
46+
47+
## Add a Custom Alert
48+
49+
Follow the steps to add a custom alert.
50+
51+
**Step 1 –** Navigate to Configuration > Alerts.
52+
53+
**Step 2 –** Click an alert profile. The alerts for the profile are displayed in a list.
54+
55+
**Step 3 –** Click **Add**. The New Alert pane is displayed.
56+
57+
![New Alert Pane](/img/product_docs/1secure/admin/alerts/addcustomalert.webp)
58+
59+
**Step 4 –** Select a custom report from the Report drop-down menu to trigger the alert when a new
60+
record is generated for the report. See the [ Custom Reports](/docs/1secure/admin/searchandreports/customreports.md)
61+
topic for additional information.
62+
63+
**Step 5 –** Specify a name and description for the alert.
64+
65+
**Step 6 –** Toggle the **Is Active** switch to ON to activate the alert. Notifications are sent for
66+
active alerts only.
67+
68+
**Step 7 –** Toggle the **Is Grouped** switch to ON, which displays the Grouped On drop-down menu.
69+
When grouping is enabled, alerts are organized based on the criteria you select in the _Grouped On_
70+
drop-down menu.
71+
72+
**Step 8 –** Select one of the following options from the **Grouped On** drop-down menu:
73+
74+
- Who – Groups alerts with respect to the user who performed the activity (deleted an account,
75+
created a record, etc.)
76+
- Where – Groups alerts with respect to the location where the activity is performed. For example,
77+
SharePoint Online site, file server, etc.
78+
- What – Groups alerts with respect to the object the activity is performed on, such as a computer,
79+
file, etc.
80+
81+
Example: You have two users, User 1 and User 2, each performing different actions. By setting
82+
"Grouped On" to "Who", alerts will be generated per user, resulting in two separate alerts — one for
83+
User 1 and another for User 2. Each alert will include only the activity associated with that
84+
specific user. If grouping is not enabled, all activities will be consolidated into a single alert
85+
based on the specified _threshold_ and _threshold period_.
86+
87+
**Step 9 –** In the Threshold field, specify a threshold for the alert. The threshold is the minimum
88+
number of activity records that must occur within a specified time frame (threshold period) to
89+
trigger an alert. For example, if the threshold is set to 3, an alert will be triggered when at
90+
least 3 activity records are generated within the specified time frame.
91+
92+
**Step 10 –** In the Threshold Period field, specify a threshold period for the alert. The threshold
93+
period is the maximum duration, starting from the first activity record, within which the specified
94+
number of activity records (threshold) must occur to trigger an alert. For example, if the threshold
95+
is set to 5 and the threshold period is 10 minutes, at least 5 activity records must be generated
96+
within 10 minutes to trigger an alert.
97+
98+
**Step 11 –** If you do not want alert notifications to be sent to you each time an alert is
99+
generated, there is a batching period option. In the Batching Period field, specify a batching
100+
period for the alert. The batching period feature allows you to receive a single notification that
101+
includes all alerts triggered during the specified period. For example, if the batching period is
102+
set to 30 minutes (00:30:00) for an alert such as "Computer removed," you will receive a single
103+
notification for the alerts generated during that time frame, rather than receiving individual
104+
notifications for each alert.
105+
106+
**Step 12 –** Click **Save**.
107+
108+
The alert is configured and added to the list.
109+
110+
## Modify an Alert
111+
112+
Follow the steps to modify a preconfigured or custom alert.
113+
114+
**Step 1 –** Navigate to Configuration > Alerts.
115+
116+
**Step 2 –** Click an alert profile. The alerts for the profile are displayed in a list.
117+
118+
**Step 3 –** Click the **Edit** icon for an alert. The Edit alert pane is displayed.
119+
120+
**Step 4 –** Modify the required information. See the
121+
[Add a Custom Alert](#add-a-custom-alert) topic, starting from Step 4 for additional information.
122+
123+
**Step 5 –** Click **Save**.
124+
125+
## Delete a Custom Alert
126+
127+
Follow the steps to delete a custom alert.
128+
129+
**Step 1 –** Navigate to Configuration > Alerts.
130+
131+
**Step 2 –** Click an alert profile. The alerts for the profile are displayed in a list.
132+
133+
**Step 3 –** Click the **Delete** icon for an alert to delete it. A dialog box is displayed,
134+
prompting you to confirm the deletion of the alert.
135+
136+
**Step 4 –** Click **Yes**. The alert is deleted from the system.

docs/1secure/admin/alerts/index.md

Lines changed: 0 additions & 139 deletions
This file was deleted.

0 commit comments

Comments
 (0)