Alert rule management
Alerts work by running checks on a schedule to detect conditions. When a condition is met, the alert tracks it as an alert instance and responds by triggering one or more actions. It consists of three main parts:
- Conditions: what needs to be detected?
- Schedule: when/how often should detection checks run?
- Actions: what happens when a condition is detected?
Click on View rules tab to display this screen:
The data table displays alarms that a rule has triggered.
UTMStack provides time filtering as well as search bars to refine the search by:
Click on Manage alerts to display the Manage event screen.