Skip to content

Managing Correlation Alerts

To manage all alerts, open Realtime page, which can be accessed by clicking the Settings > Alerts > Realtime. Realtime page provides you a list with all default correlation rules available in CYBERQUEST:

Alt Image

You can perform a several managerial actions on the alerts, by clicking on the respective icons, as described below:

  • Create a new alert: Press Alt Image button to create a new alert definition. Alert Settings window opens, allowing you to create a new custom alert specific to your needs. To create a new alert, please follow the link.

  • Import an alert: Press Alt Image to import an alert definition from an existing CQO file.

  • Quick Filter: You can use to search for a specific alert.

  • Alert details Alt Image: you can see a few details of the alert.

  • Enable/disable alert: The icon Alt Image implies that a alert is enabled, and the icon Alt Image implies that it is disabled. You can switch between enabling/disabling the rule by clicking on these icons.

  • Edit alert Alt Image: you can edit an existing definition.

  • Clone alert Alt Image : you can clone an existing definition.

  • Delete alert Alt Image: you can delete any of the custom alerts which are already created.

  • Export alert Alt Image: you can export a alert to a CQO file.

  • Dropdown: You can use the dropdown on the buttom right of the table to select the number of alerts to be displayed per page.

To see all triggered alerts, open Alerts Module. For more details, please follow the link.